Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254691 4.3 警告 SAP - SAP Netweaver の Virus Scan Interface におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4707 2011-12-13 14:50 2011-12-8 Show GitHub Exploit DB Packet Storm
254692 5 警告 Igor Sysoev - nginx におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4315 2011-12-13 14:49 2011-11-15 Show GitHub Exploit DB Packet Storm
254693 7.5 危険 Mambo Foundation - Mambo CMS の administrator/index2.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-2917 2011-12-13 14:41 2011-12-8 Show GitHub Exploit DB Packet Storm
254694 6.8 警告 MIT Kerberos - MIT Kerberos の process_tgs_req 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1530 2011-12-13 14:40 2011-12-6 Show GitHub Exploit DB Packet Storm
254695 6.4 警告 BlackBerry - BlackBerry Administration API におけるテキストファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2011-0287 2011-12-13 14:35 2011-07-12 Show GitHub Exploit DB Packet Storm
254696 6.4 警告 Widelands - Widelands におけるパストラバーサル攻撃を誘発される脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4675 2011-12-12 18:21 2011-12-5 Show GitHub Exploit DB Packet Storm
254697 5 警告 One Click Orgs - One Click Orgs のパスワードリセット機能におけるユーザアカウントを列挙される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4678 2011-12-12 18:19 2011-12-6 Show GitHub Exploit DB Packet Storm
254698 4 警告 One Click Orgs - One Click Orgs におけるサービス運用妨害 (ログイン障害) の脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4555 2011-12-12 18:18 2011-12-6 Show GitHub Exploit DB Packet Storm
254699 5.5 警告 One Click Orgs - One Click Orgs における巧妙に細工された SMTP トラフィックを誘発する脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4554 2011-12-12 18:15 2011-12-6 Show GitHub Exploit DB Packet Storm
254700 6.9 警告 Celery - Celery における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4356 2011-12-12 18:14 2011-12-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246351 9.8 CRITICAL
Network 		western_digital my_cloud_wdbctl0020hwt_firmware
my_cloud_pr4100
my_cloud_pr2100_firmware
my_cloud_mirror_gen_2_firmware
my_cloud_mirror_firmware
my_cloud_ex4100
my_cloud_ex4_firmware
my_cloud_ex… 		It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authent… CWE-287
Improper Authentication 		CVE-2018-17153 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
246352 6.1 MEDIUM
Network 		oracle webcenter_interaction The login function of Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). The content of the in_hi_redirect parameter, when prefixed with the https:// sc… CWE-79
Cross-site Scripting 		CVE-2018-16955 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246353 6.1 MEDIUM
Network 		oracle webcenter_interaction An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The login function of the portal is vulnerable to insecure redirection (also called an open redirect). The in_hi_redirect parame… CWE-601
Open Redirect 		CVE-2018-16954 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246354 6.1 MEDIUM
Network 		oracle webcenter_interaction The AjaxView::DisplayResponse() function of the portalpages.dll assembly in Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). User input from the name … CWE-79
Cross-site Scripting 		CVE-2018-16953 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246355 5.3 MEDIUM
Network 		oracle webcenter_interaction An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The portal component is delivered with an insecure default User Profile community configuration that allows anonymous users to r… CWE-200
Information Exposure 		CVE-2018-16959 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246356 5.4 MEDIUM
Network 		oracle webcenter_interaction An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NET_SessionID primary session cookie, when Internet Information Services (IIS) with ASP.NET is used, is not protected wi… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-16958 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246357 9.8 CRITICAL
Network 		oracle webcenter_interaction The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password… CWE-798
 Use of Hard-coded Credentials 		CVE-2018-16957 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246358 6.5 MEDIUM
Network 		oracle webcenter_interaction The AjaxControl component of Oracle WebCenter Interaction Portal 10.3.3 does not validate the names of pages when processing page rename requests. Pages can be renamed to include characters unsupport… CWE-20
 Improper Input Validation  		CVE-2018-16956 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246359 8.8 HIGH
Network 		oracle webcenter_interaction The Oracle WebCenter Interaction Portal 10.3.3 does not implement protection against Cross-site Request Forgery in its design. The impact is sensitive actions in the portal (such as changing a portal… CWE-352
 Origin Validation Error 		CVE-2018-16952 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
246360 7.5 HIGH
Network 		golang
fedoraproject 		net
fedora 		The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-17143 2024-11-21 12:53 2018-09-17 Show GitHub Exploit DB Packet Storm