Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256241 4.3 警告 Roundcube.net - Roundcube Webmail の UI メッセージ機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2937 2011-09-27 11:05 2011-08-9 Show GitHub Exploit DB Packet Storm
256242 6.8 警告 AmmSoft - AmmSoft ScriptFTP にバッファオーバーフローの脆弱性 - CVE-2011-3976 2011-09-27 10:58 2011-09-21 Show GitHub Exploit DB Packet Storm
256243 10 危険 Measuresoft Development Ltd. - Measuresoft ScadaPro の service.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3490 2011-09-26 15:59 2011-09-16 Show GitHub Exploit DB Packet Storm
256244 4.6 警告 レッドハット - Red Hat Enterprise MRG の Cumin における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-2925 2011-09-26 15:43 2011-09-7 Show GitHub Exploit DB Packet Storm
256245 5 警告 Zoho Corporation - ManageEngine ServiceDesk Plus の encryptPassword 関数における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2011-1509 2011-09-26 15:42 2011-09-20 Show GitHub Exploit DB Packet Storm
256246 4.3 警告 Zoho Corporation - ManageEngine ServiceDesk Plus の SolutionSearch.do におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1510 2011-09-26 15:41 2011-09-20 Show GitHub Exploit DB Packet Storm
256247 10 危険 Measuresoft Development Ltd. - Measuresoft ScadaPro の service.exe における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3496 2011-09-26 15:40 2011-09-7 Show GitHub Exploit DB Packet Storm
256248 10 危険 Measuresoft Development Ltd. - Measuresoft ScadaPro の service.exe における任意の DLL を実行される脆弱性 CWE-200
情報漏えい 		CVE-2011-3497 2011-09-26 15:40 2011-09-16 Show GitHub Exploit DB Packet Storm
256249 10 危険 Measuresoft Development Ltd. - Measuresoft ScadaPro の service.exe におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-3495 2011-09-26 15:39 2011-09-16 Show GitHub Exploit DB Packet Storm
256250 4.3 警告 TIBCO Software - TIBCO Managed File Transfer および Slingshot におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3423 2011-09-26 15:38 2011-09-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246081 7.8 HIGH
Local 		advantech webaccess WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attac… CWE-284
Improper Access Control 		CVE-2018-17908 2024-11-21 12:55 2018-10-30 Show GitHub Exploit DB Packet Storm
246082 6.1 MEDIUM
Network 		geovap reliance_4 Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerability could allow an unauthorized attacker to inject arbitrary code. CWE-79
Cross-site Scripting 		CVE-2018-17904 2024-11-21 12:55 2018-10-26 Show GitHub Exploit DB Packet Storm
246083 6.9 MEDIUM
Physics 		sagaradio saga1-l8b_firmware SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that an attacker with physical access to the product may able to reprogram it. CWE-287
Improper Authentication 		CVE-2018-17923 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
246084 8.8 HIGH
Adjacent 		sagaradio saga1-l8b_firmware SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that may allow an attacker to force-pair the device without human interaction. NVD-CWE-Other
CVE-2018-17921 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
246085 9.1 CRITICAL
Network 		sagaradio saga1-l8b_firmware SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery. CWE-294
Authentication Bypass by Capture-replay  		CVE-2018-17903 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
246086 7.8 HIGH
Local 		citrix xenmobile_server * Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 a… CWE-287
Improper Authentication 		CVE-2018-18014 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
246087 7.8 HIGH
Local 		citrix xenmobile_server * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserial… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-18013 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
246088 8.1 HIGH
Adjacent 		telecrane f25-2s_firmware
f25-2d_firmware
f25-4s_firmware
f25-4d_firmware
f25-6s_firmware
f25-6d_firmware
f25-8s_firmware
f25-8d_firmware
f25-10s_firmware
f25-10d_firmware
f25-60_… 		All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of … CWE-294
Authentication Bypass by Capture-replay  		CVE-2018-17935 2024-11-21 12:55 2018-10-24 Show GitHub Exploit DB Packet Storm
246089 9.8 CRITICAL
Network 		zohocorp manageengine_opmanager Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2018-18475 2024-11-21 12:55 2018-10-24 Show GitHub Exploit DB Packet Storm
246090 7.5 HIGH
Network 		conversations conversations An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom message to an existing opened conversation by sending an intent. CWE-200
Information Exposure 		CVE-2018-18467 2024-11-21 12:55 2018-10-24 Show GitHub Exploit DB Packet Storm