Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255231	4.3	警告	Ruby on Rails project	-	Ruby on Rails におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4319	2011-11-29 16:26	2011-11-28	Show	GitHub Exploit DB Packet Storm

255232	4.3	警告	Combodo	-	Combodo iTop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4275	2011-11-29 16:23	2011-11-26	Show	GitHub Exploit DB Packet Storm

255233	9.3	危険	SunPlus Electronics	-	DVR Remote ActiveX コントロールの DVRemoteAx.ax における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3828	2011-11-29 16:22	2011-11-26	Show	GitHub Exploit DB Packet Storm

255234	6.8	警告	IBM	-	IBM TS3100 および TS3200 テープ・ライブラリにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2011-1372	2011-11-29 16:15	2011-11-23	Show	GitHub Exploit DB Packet Storm

255235	1.9	注意	ヒューレット・パッカード IBM	-	IBM WebSphere MQ における listener プロセス強制終了の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1378	2011-11-29 16:14	2011-11-26	Show	GitHub Exploit DB Packet Storm

255236	5	警告	シスコシステムズ	-	Cisco Secure Access Control System における任意のユーザのパスワードを変更される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-0951	2011-11-29 10:38	2011-03-30	Show	GitHub Exploit DB Packet Storm

255237	5	警告	シスコシステムズ	-	Cisco Network Access Control Guest Server におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0963	2011-11-29 10:37	2011-03-30	Show	GitHub Exploit DB Packet Storm

255238	9.3	危険	シスコシステムズ	-	Cisco Secure Desktop における意図しないプログラムをダウンロードされる脆弱性	CWE-20 不適切な入力確認	CVE-2011-0925	2011-11-29 10:37	2011-02-28	Show	GitHub Exploit DB Packet Storm

255239	9.3	危険	シスコシステムズ	-	Cisco Secure Desktop における意図しないプログラムをダウンロードされる脆弱性	CWE-20 不適切な入力確認	CVE-2011-0926	2011-11-29 10:35	2011-02-25	Show	GitHub Exploit DB Packet Storm

255240	7.5	危険	シスコシステムズ	-	Cisco TelePresence Recording サーバにおける不特定な操作を実行される脆弱性	CWE-287 不適切な認証	CVE-2011-0392	2011-11-29 10:35	2011-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246201	7.5	HIGH Network	seacms	seacms	SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter.	CWE-22 Path Traversal	CVE-2018-17365	2024-11-21 12:54	2018-09-27	Show	GitHub Exploit DB Packet Storm

246202	8.1	HIGH Network	postman	postman	An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated…	CWE-295 Improper Certificate Validation	CVE-2018-17215	2024-11-21 12:54	2018-09-27	Show	GitHub Exploit DB Packet Storm

246203	5.4	MEDIUM Network	modx	modx_revolution	MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.	CWE-79 Cross-site Scripting	CVE-2018-17556	2024-11-21 12:54	2018-09-27	Show	GitHub Exploit DB Packet Storm

246204	7.5	HIGH Network	commscope	arris_tg2492lg-na_firmware	The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive information via the /snmpGet oids parameter.	CWE-200 Information Exposure	CVE-2018-17555	2024-11-21 12:54	2018-09-27	Show	GitHub Exploit DB Packet Storm

246205	9.8	CRITICAL Network	axon	evidence_sync	Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection. NOTE: the vendor's position is that this CVE is not associated with information that supports any finding…	NVD-CWE-noinfo	CVE-2018-17538	2024-11-21 12:54	2018-09-26	Show	GitHub Exploit DB Packet Storm

246206	7.5	HIGH Network	digium debian	asterisk certified_asterisk debian_linux	There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. …	CWE-400 Uncontrolled Resource Consumption	CVE-2018-17281	2024-11-21 12:54	2018-09-25	Show	GitHub Exploit DB Packet Storm

246207	6.5	MEDIUM Network	hdfgroup	hdf5	An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5…	CWE-787 Out-of-bounds Write	CVE-2018-17439	2024-11-21 12:54	2018-09-24	Show	GitHub Exploit DB Packet Storm

246208	6.5	MEDIUM Network	hdfgroup	hdf5	A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection again…	CWE-369 Divide By Zero	CVE-2018-17438	2024-11-21 12:54	2018-09-24	Show	GitHub Exploit DB Packet Storm

246209	6.5	MEDIUM Network	hdfgroup	hdf5	Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-17437	2024-11-21 12:54	2018-09-24	Show	GitHub Exploit DB Packet Storm

246210	6.5	MEDIUM Network	hdfgroup	hdf5	ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converti…	CWE-787 Out-of-bounds Write	CVE-2018-17436	2024-11-21 12:54	2018-09-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed