Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255001	7.8	危険	Imperva Inc.	-	Imperva SecureSphere の Web Application Firewall および Database Firewall における intrusion-prevention 機能を回避される脆弱性	CWE-noinfo 情報不足	CVE-2010-1329	2011-06-6 14:29	2010-04-5	Show	GitHub Exploit DB Packet Storm

255002	4.3	警告	Imperva Inc.	-	Imperva SecureSphere MX Management Server の management GUI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1463	2011-06-6 14:27	2008-03-18	Show	GitHub Exploit DB Packet Storm

255003	6.5	警告	バラクーダネットワークス	-	Barracuda Spam Firewall の Account View ページ内にある index.cgi における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1094	2011-06-6 14:23	2008-12-15	Show	GitHub Exploit DB Packet Storm

255004	3.5	注意	バラクーダネットワークス	-	複数の Barracuda 製品の index.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0971	2011-06-6 14:21	2008-12-15	Show	GitHub Exploit DB Packet Storm

255005	4.3	警告	バラクーダネットワークス	-	Barracuda Spam Firewall の ldap_test.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2333	2011-06-6 14:20	2008-05-22	Show	GitHub Exploit DB Packet Storm

255006	10	危険	7-Technologies	-	7-Technologies Interactive Graphical SCADA System の logText 関数における任意のコードを実行される脆弱性	CWE-134 書式文字列の問題	CVE-2011-1568	2011-06-6 14:19	2011-04-5	Show	GitHub Exploit DB Packet Storm

255007	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-0075	2011-06-6 13:56	2011-04-28	Show	GitHub Exploit DB Packet Storm

255008	5	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Windows 上で稼働する複数の Mozilla 製品におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-0071	2011-06-6 10:36	2011-04-28	Show	GitHub Exploit DB Packet Storm

255009	5	警告	サイバートラスト株式会社 Mozilla Foundation	-	Mozilla Firefox および SeaMonkey におけるフォームの入力履歴を読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2011-0067	2011-06-6 10:35	2011-04-28	Show	GitHub Exploit DB Packet Storm

255010	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox および SeaMonkey における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0073	2011-06-6 10:34	2011-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
264301	9.8	CRITICAL Network	rocket.chat	rocket.chat	Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover	CWE-74 Injection	CVE-2017-1000493	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264302	6.1	MEDIUM Network	leanote	desktop	Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration	CWE-79 Cross-site Scripting	CVE-2017-1000492	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264303	6.1	MEDIUM Network	shiba_project	shiba	Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration.	CWE-79 Cross-site Scripting	CVE-2017-1000491	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264304	5.4	MEDIUM Network	invoiceninja	invoice_ninja	Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code.	CWE-79 Cross-site Scripting	CVE-2017-1000466	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264305	5.4	MEDIUM Network	leafpub	leafpub	Leafpub version 1.2.0-beta6 is vulnerable to stored cross-site scripting vulnerability, within the edit blog post page, which can result in disruption of service and execution of javascript code.	CWE-79 Cross-site Scripting	CVE-2017-1000463	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264306	6.1	MEDIUM Network	leanote	leanote	Leanote version <= 2.5 is vulnerable to XSS due to not sanitized input in markdown notes	CWE-79 Cross-site Scripting	CVE-2017-1000459	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264307	8.3	HIGH Network	openmicroscopy	omero	In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file on the underlying filesystem, then manipulate the user's data.	NVD-CWE-noinfo	CVE-2017-1000438	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264308	9.8	CRITICAL Network	creolabs	gravity	Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-1000437	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264309	6.1	MEDIUM Network	furikake_project	furikake	Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open Redirect The furikake-redirect parameter on a page allows for a redirect to an attacker controlled page classes/Furigana.php: header('…	CWE-601 Open Redirect	CVE-2017-1000434	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

264310	8.1	HIGH Network	pysaml2_project debian	pysaml2 debian_linux	pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.	CWE-287 Improper Authentication	CVE-2017-1000433	2024-11-21 12:04	2018-01-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed