Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256281	6	警告	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-3759	2010-09-14 15:54	2009-10-22	Show	GitHub Exploit DB Packet Storm

256282	7.5	危険	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3758	2010-09-14 15:53	2009-10-22	Show	GitHub Exploit DB Packet Storm

256283	4.3	警告	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3757	2010-09-14 15:53	2009-10-22	Show	GitHub Exploit DB Packet Storm

256284	7.2	危険	シトリックス・システムズ	-	Xen の xend におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5716	2010-09-14 15:53	2008-12-24	Show	GitHub Exploit DB Packet Storm

256285	6	警告	VMware	-	VMware Studio の Virtual Appliance Management Infrastructure における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-2667	2010-09-13 16:05	2010-07-13	Show	GitHub Exploit DB Packet Storm

256286	4.4	警告	VMware	-	VMware Studio における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2427	2010-09-13 16:05	2010-07-13	Show	GitHub Exploit DB Packet Storm

256287	6.8	警告	VMware	-	VMware SpringSource tc Server Runtime における JMX インターフェイスへのアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2010-1454	2010-09-13 16:05	2010-05-13	Show	GitHub Exploit DB Packet Storm

256288	4.3	警告	VMware	-	VMware View におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1143	2010-09-13 16:04	2010-05-5	Show	GitHub Exploit DB Packet Storm

256289	4.9	警告	VMware	-	複数の VMware 製品の hcmon.sys におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-3761	2010-09-13 16:04	2008-08-21	Show	GitHub Exploit DB Packet Storm

256290	2.1	注意	VMware	-	VMware VirtualCenter におけるパスワードを盗まれる脆弱性	CWE-200 情報漏えい	CVE-2008-4278	2010-09-13 16:04	2008-10-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246611	4.6	MEDIUM Network	otrs debian	otrs debian_linux	An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged…	NVD-CWE-noinfo	CVE-2018-11563	2024-11-21 12:43	2019-07-8	Show	GitHub Exploit DB Packet Storm

246612	9.8	CRITICAL Network	flowpaper	flexpaper	The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.	CWE-20 Improper Input Validation	CVE-2018-11686	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246613	9.8	CRITICAL Network	moxa	oncell_g3470a-lte-us_firmware oncell_g3470a-lte-us-t_firmware oncell_g3470a-lte-eu_firmware oncell_g3470a-lte-eu-t_firmware	Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-11425	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246614	7.5	HIGH Network	moxa	oncell_g3470a-lte-us_firmware oncell_g3470a-lte-us-t_firmware oncell_g3470a-lte-eu_firmware oncell_g3470a-lte-eu-t_firmware	There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.	CWE-787 Out-of-bounds Write	CVE-2018-11424	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246615	7.5	HIGH Network	moxa	oncell_g3150-hspa_firmware oncell_g3150-hspa-t_firmware	There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-11423	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246616	9.8	CRITICAL Network	moxa	oncell_g3150-hspa_firmware oncell_g3150-hspa-t_firmware	Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All i…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2018-11422	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246617	9.8	CRITICAL Network	moxa	oncell_g3150-hspa_firmware oncell_g3150-hspa-t_firmware	Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All info…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2018-11421	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246618	9.8	CRITICAL Network	moxa	oncell_g3150-hspa_firmware oncell_g3150-hspa-t_firmware	There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.	CWE-787 Out-of-bounds Write	CVE-2018-11420	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246619	6.1	MEDIUM Network	intelliants	subrion	Subrion CMS before 4.1.4 has XSS.	CWE-79 Cross-site Scripting	CVE-2018-11317	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm

246620	8.8	HIGH Network	moxa	oncell_g3150-hspa_firmware oncell_g3150-hspa-t_firmware	CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.	CWE-352 Origin Validation Error	CVE-2018-11427	2024-11-21 12:43	2019-07-4	Show	GitHub Exploit DB Packet Storm