Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256631	9.3	危険	アドビシステムズ	-	Adobe Reader および Acrobat の U3D TIFF リソースにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2432	2011-10-18 16:25	2011-09-13	Show	GitHub Exploit DB Packet Storm

256632	9.3	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2431	2011-10-18 16:25	2011-09-13	Show	GitHub Exploit DB Packet Storm

256633	6.9	警告	アドビシステムズ	-	Adobe Reader における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2011-1353	2011-10-18 16:23	2011-09-13	Show	GitHub Exploit DB Packet Storm

256634	5.8	警告	Adam Kennedy	-	Perl モジュール Crypt::DSA における署名を偽装される脆弱性	CWE-310 暗号の問題	CVE-2011-3599	2011-10-14 15:50	2011-10-10	Show	GitHub Exploit DB Packet Storm

256635	5	警告	株式会社ロックオン	-	EC-CUBE における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-3988	2011-10-14 14:01	2011-10-14	Show	GitHub Exploit DB Packet Storm

256636	6.8	警告	小山浩之	-	DBD::mysqlPP における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-3989	2011-10-14 12:02	2011-10-14	Show	GitHub Exploit DB Packet Storm

256637	5	警告	Novell	-	Novell GroupWise の GroupWise Internet Agent (GWIA) におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2011-2219	2011-10-14 10:39	2010-06-30	Show	GitHub Exploit DB Packet Storm

256638	5	警告	Novell	-	Novell GroupWise の GroupWise Internet Agent (GWIA) におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2011-2218	2011-10-14 10:34	2010-06-30	Show	GitHub Exploit DB Packet Storm

256639	4.3	警告	phpPgAdmin	-	phpPgAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3598	2011-10-14 10:31	2011-10-8	Show	GitHub Exploit DB Packet Storm

256640	10	危険	Novell	-	Novell GroupWise の GroupWise Internet Agent における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2663	2011-10-14 10:30	2011-08-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245551	9.8	CRITICAL Network	open_faculty_evaluation_system_project	open_faculty_evaluation_system	Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.	CWE-89 SQL Injection	CVE-2018-18758	2024-11-21 12:56	2019-06-20	Show	GitHub Exploit DB Packet Storm

245552	9.8	CRITICAL Network	open_faculty_evaluation_system_project	open_faculty_evaluation_system	Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758.	CWE-89 SQL Injection	CVE-2018-18757	2024-11-21 12:56	2019-06-20	Show	GitHub Exploit DB Packet Storm

245553	5.3	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. Full Path Disclosure (FPD) exists via api/v1/alarms. NOTE: the vendor says "is intentional.	CWE-200 Information Exposure	CVE-2018-18839	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245554	7.5	HIGH Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.	CWE-116 Improper Encoding or Escaping of Output	CVE-2018-18838	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245555	6.1	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.	CWE-113 HTTP Response Splitting	CVE-2018-18837	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245556	6.5	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.	CWE-94 Code Injection	CVE-2018-18836	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245557	8.8	HIGH Network	tubigan	welcome_to_our_resort	The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.	CWE-352 Origin Validation Error	CVE-2018-18802	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245558	7.5	HIGH Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the …	CWE-20 Improper Input Validation	CVE-2018-18878	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245559	8.8	HIGH Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.	CWE-287 Improper Authentication	CVE-2018-18877	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245560	5.3	MEDIUM Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system.	CWE-22 Path Traversal	CVE-2018-18876	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm