Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256661 1.2 注意 Celery - virtualenv の virtualenv.py における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2011-4617 2012-01-5 16:20 2011-12-31 Show GitHub Exploit DB Packet Storm
256662 7.5 危険 Novell - Novell XTier framework の HTTP サーバにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-1710 2012-01-5 16:19 2011-12-31 Show GitHub Exploit DB Packet Storm
256663 4.3 警告 JJWDesign - PHP Booking Calendar の details_view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5045 2012-01-5 16:14 2011-12-30 Show GitHub Exploit DB Packet Storm
256664 7.2 危険 SopCast - SopCast における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5044 2012-01-5 16:13 2011-12-30 Show GitHub Exploit DB Packet Storm
256665 4.3 警告 Tomatosoft - TomatoSoft Free Mp3 Player におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5043 2012-01-5 16:12 2011-12-30 Show GitHub Exploit DB Packet Storm
256666 4.3 警告 gphemsley - SASHA の inc/lib/lib.base.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5042 2012-01-5 16:11 2011-12-30 Show GitHub Exploit DB Packet Storm
256667 4.3 警告 PulseCMS - Pulse Pro CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5041 2012-01-5 16:10 2011-12-30 Show GitHub Exploit DB Packet Storm
256668 4.3 警告 Infoproject - Infoproject Biznis Heroj におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5040 2012-01-5 14:27 2011-12-30 Show GitHub Exploit DB Packet Storm
256669 7.5 危険 Infoproject - Infoproject Biznis Heroj における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5039 2012-01-5 14:26 2011-12-30 Show GitHub Exploit DB Packet Storm
256670 7.5 危険 hitCode - hitCode hitAppoint における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5038 2012-01-5 14:24 2011-12-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246221 5.5 MEDIUM
Local 		audiocoding freeware_advanced_audio_decoder_2 A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application… CWE-476
 NULL Pointer Dereference 		CVE-2018-20357 2024-11-21 13:01 2018-12-23 Show GitHub Exploit DB Packet Storm
246222 6.1 MEDIUM
Network 		evernote evernote The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832. CWE-79
Cross-site Scripting 		CVE-2018-20351 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246223 6.5 MEDIUM
Network 		igraph igraph The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object. CWE-476
 NULL Pointer Dereference 		CVE-2018-20349 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246224 5.5 MEDIUM
Local 		libpff_project libpff libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tr… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2018-20348 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246225 9.8 CRITICAL
Network 		definitions_project definitions There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution. CWE-94
Code Injection 		CVE-2018-20325 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246226 6.1 MEDIUM
Network 		limesurvey limesurvey LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version… CWE-79
Cross-site Scripting 		CVE-2018-20322 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246227 7.2 HIGH
Network 		thehive-project cortex An organization administrator can add a super administrator in THEHIVE PROJECT Cortex before 2.1.3 due to the lack of overriding the Role.toString method. NVD-CWE-noinfo
CVE-2018-20226 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246228 8.8 HIGH
Network 		pulsesecure secure_access_series_ssl_vpn_sa-4000 Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Acces… CWE-269
 Improper Privilege Management 		CVE-2018-20193 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246229 8.1 HIGH
Network 		sqlite
google
redhat
debian
opensuse 		sqlite
chrome
linux
debian_linux
leap 		SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow… CWE-190
 Integer Overflow or Wraparound 		CVE-2018-20346 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm
246230 5.3 MEDIUM
Network 		stackstorm stackstorm Incorrect access control in StackStorm API (st2api) in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker (who has a StackStorm account and is authenticated against the StackStorm AP… NVD-CWE-noinfo
CVE-2018-20345 2024-11-21 13:01 2018-12-22 Show GitHub Exploit DB Packet Storm