Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255101	6.8	警告	Zenprise Inc.	-	Zenprise Device Manager にクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4498	2011-11-28 14:56	2011-11-21	Show	GitHub Exploit DB Packet Storm

255102	7.5	危険	アップル	-	Apple iTunes における脆弱性に対するアップデート	CWE-94 コード・インジェクション	CVE-2008-3434	2011-11-28 14:56	2011-11-15	Show	GitHub Exploit DB Packet Storm

255103	7.5	危険	アップル	-	Apple Time Capsule および AirPort Base Station (802.11n) における複数の脆弱性に対するアップデート	CWE-20 不適切な入力確認	CVE-2011-0997	2011-11-28 14:52	2011-11-11	Show	GitHub Exploit DB Packet Storm

255104	9.3	危険	Aviosoft	-	Aviosoft DTV Player にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4496	2011-11-28 14:49	2011-10-11	Show	GitHub Exploit DB Packet Storm

255105	5	警告	デル	-	Dell KACE K2000 System Deployment Appliance に不正ログイン可能な脆弱性	CWE-310 暗号の問題	CVE-2011-4046	2011-11-28 14:49	2011-11-9	Show	GitHub Exploit DB Packet Storm

255106	4.3	警告	デル	-	Dell KACE K2000 System Deployment Appliance に情報漏えいの脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-4048	2011-11-28 14:48	2011-11-9	Show	GitHub Exploit DB Packet Storm

255107	3.5	注意	デル	-	Dell KACE K2000 System Deployment Appliance にクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4436	2011-11-28 14:47	2011-11-9	Show	GitHub Exploit DB Packet Storm

255108	9.3	危険	デル	-	Dell KACE K2000 System Deployment Appliance にコマンドインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4047	2011-11-28 14:46	2011-11-9	Show	GitHub Exploit DB Packet Storm

255109	10	危険	Google サムスン日本エイサー	-	Chromebook プラットフォームで稼働する Google Chrome における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2011-4548	2011-11-28 10:32	2011-11-22	Show	GitHub Exploit DB Packet Storm

255110	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4262	2011-11-28 10:30	2011-11-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246341	7.5	HIGH Network	bitcoinknots bitcoin	bitcoin_knots bitcoin_core	Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitabl…	NVD-CWE-noinfo	CVE-2018-17144	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246342	9.8	CRITICAL Network	coinlancer	coinlancer	The onlyOwner modifier of a smart contract implementation for Coinlancer (CL), an Ethereum ERC20 token, has a potential access control vulnerability. All contract users can access functions that use …	NVD-CWE-noinfo	CVE-2018-17111	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246343	7.5	HIGH Network	lucky9	lucky9io	The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entry_number. This variab…	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2018-17071	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246344	7.5	HIGH Network	monstra	monstra	admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory listing via id=filesmanager&path=uploads/.......//./.......//./ requests.	CWE-22 Path Traversal	CVE-2018-16820	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246345	4.9	MEDIUM Network	monstra	monstra	admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/.......//./.......//./&delete_file= requests.	CWE-22 Path Traversal	CVE-2018-16819	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246346	8.6	HIGH Network	microsoft	active_directory_federation_services	Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2018-16794	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246347	5.3	MEDIUM Network	circontrol	circarlife_scada	An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id.	CWE-200 Information Exposure	CVE-2018-16671	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246348	5.3	MEDIUM Network	circontrol	circarlife_scada	An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html.	CWE-287 Improper Authentication	CVE-2018-16670	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246349	9.8	CRITICAL Network	circontrol	open_charge_point_protocol	An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileg…	CWE-522 Insufficiently Protected Credentials	CVE-2018-16669	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

246350	5.3	MEDIUM Network	circontrol	circarlife_scada	An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.	CWE-287 Improper Authentication	CVE-2018-16668	2024-11-21 12:53	2018-09-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed