Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256171	6.4	警告	IceWarp, Inc.	-	IceWarp Mail Server の server/webmail.php における任意のファイルを読まれる脆弱性	CWE-399 リソース管理の問題	CVE-2011-3579	2011-10-11 10:10	2011-09-30	Show	GitHub Exploit DB Packet Storm

256172	7.5	危険	シマンテック	-	Symantec IM Manager の管理コンソールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-0554	2011-10-11 10:10	2011-09-29	Show	GitHub Exploit DB Packet Storm

256173	7.5	危険	シマンテック	-	Symantec IM Manager の管理コンソールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-0553	2011-10-11 10:09	2011-09-29	Show	GitHub Exploit DB Packet Storm

256174	4.3	警告	シマンテック	-	Symantec IM Manager の管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0552	2011-10-11 10:09	2011-09-29	Show	GitHub Exploit DB Packet Storm

256175	4	警告	株式会社アークウェブ	-	A-Form におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2676	2011-10-7 12:04	2011-10-7	Show	GitHub Exploit DB Packet Storm

256176	5	警告	utage.org	-	宴会くんにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2675	2011-10-7 12:03	2011-10-7	Show	GitHub Exploit DB Packet Storm

256177	2.6	注意	HTC Corporation	-	複数の Android 用 HTC 製品における電話番号およびその他の重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-3975	2011-10-7 11:46	2011-10-3	Show	GitHub Exploit DB Packet Storm

256178	5	警告	FFmpeg	-	FFmpeg の decode_residual_inter 関数における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2011-3974	2011-10-7 11:33	2011-10-2	Show	GitHub Exploit DB Packet Storm

256179	4.3	警告	PunBB	-	PunBB の include/functions.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3371	2011-10-7 11:29	2011-10-2	Show	GitHub Exploit DB Packet Storm

256180	9	危険	ヒューレット・パッカード	-	HP NonStop Servers における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-2411	2011-10-7 11:26	2011-09-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246071	9.8	CRITICAL Network	circontrol	circarlife_firmware	Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2018-17922	2024-11-21 12:55	2018-11-3	Show	GitHub Exploit DB Packet Storm

246072	9.8	CRITICAL Network	circontrol	circarlife_firmware	Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.	CWE-287 Improper Authentication	CVE-2018-17918	2024-11-21 12:55	2018-11-3	Show	GitHub Exploit DB Packet Storm

246073	7.5	HIGH Network	sauter-controls	case_suite	An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure.	CWE-611 XXE	CVE-2018-17912	2024-11-21 12:55	2018-11-2	Show	GitHub Exploit DB Packet Storm

246074	9.8	CRITICAL Network	aveva	indusoft_web_studio intouch_machine_edition_2014 edge	InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a…	CWE-787 Out-of-bounds Write	CVE-2018-17916	2024-11-21 12:55	2018-11-2	Show	GitHub Exploit DB Packet Storm

246075	9.8	CRITICAL Network	aveva	indusoft_web_studio intouch_machine_edition_2014 edge	InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely e…	NVD-CWE-noinfo	CVE-2018-17914	2024-11-21 12:55	2018-11-2	Show	GitHub Exploit DB Packet Storm

246076	8.8	HIGH Network	vecna	vgo_firmware	VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may also be affected) connected to the VGo XAMPP. User accounts may be able to execute commands that are outside the scope of their pri…	NVD-CWE-noinfo	CVE-2018-17933	2024-11-21 12:55	2018-10-31	Show	GitHub Exploit DB Packet Storm

246077	6.8	MEDIUM Physics	vecna	vgo_firmware	If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may also be affected) they may be able to alter scripts, which may allow code execution with …	CWE-284 Improper Access Control	CVE-2018-17931	2024-11-21 12:55	2018-10-31	Show	GitHub Exploit DB Packet Storm

246078	7.8	HIGH Local	linux canonical debian	linux_kernel ubuntu_linux debian_linux	Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the…	CWE-459 Incomplete Cleanup	CVE-2018-18281	2024-11-21 12:55	2018-10-31	Show	GitHub Exploit DB Packet Storm

246079	8.8	HIGH Network	playsms_project	playsms	playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2018-18387	2024-11-21 12:55	2018-10-30	Show	GitHub Exploit DB Packet Storm

246080	7.8	HIGH Local	advantech	webaccess	WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-17910	2024-11-21 12:55	2018-10-30	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed