Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
257061 9.3 危険 マイクロソフト - Microsoft Windows XP および Windows Server 2003 における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2011-3397 2011-12-16 11:16 2011-12-13 Show GitHub Exploit DB Packet Storm
257062 9.3 危険 マイクロソフト - 複数の Microsoft Office 製品における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2011-1983 2011-12-16 11:15 2011-12-13 Show GitHub Exploit DB Packet Storm
257063 7.2 危険 マイクロソフト - 複数の Microsoft 製品の簡体字中国語版 Microsoft Office IME における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-2010 2011-12-16 11:09 2011-12-13 Show GitHub Exploit DB Packet Storm
257064 4.3 警告 Dolibarr ERP & CRM - Dolibarr におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-4814 2011-12-16 10:52 2011-11-3 Show GitHub Exploit DB Packet Storm
257065 6.5 警告 Dolibarr ERP & CRM - Dolibarr における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-4802 2011-12-16 10:50 2011-11-3 Show GitHub Exploit DB Packet Storm
257066 4.3 警告 Jextensions - Joomla! 用 HM Community コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-4809 2011-12-16 10:44 2011-12-14 Show GitHub Exploit DB Packet Storm
257067 7.5 危険 Jextensions - Joomla! 用 HM Community コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-4808 2011-12-16 10:41 2011-12-14 Show GitHub Exploit DB Packet Storm
257068 5 警告 foobla - Joomla! 用の obSuggest コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2011-4804 2011-12-16 10:19 2011-12-14 Show GitHub Exploit DB Packet Storm
257069 7.5 危険 BraveNewCode - WordPress 用の WPTouch プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-4803 2011-12-16 10:18 2011-12-14 Show GitHub Exploit DB Packet Storm
257070 6.8 警告 DELL EMC (旧 EMC Corporation) - EMC RSA AAOP におけるアプリケーション制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-2742 2011-12-15 16:59 2011-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246221 9.8 CRITICAL
Network
dlink dir-822_firmware
dir-822-us_firmware
dir-850l_firmware
dir-880l_firmware
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentic… CWE-287
Improper Authentication
CVE-2018-20675 2024-11-21 13:01 2019-01-9 Show GitHub Exploit DB Packet Storm
246222 8.8 HIGH
Network
dlink dir-822_firmware
dir-822-us_firmware
dir-850l_firmware
dir-880l_firmware
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentic… NVD-CWE-noinfo
CVE-2018-20674 2024-11-21 13:01 2019-01-9 Show GitHub Exploit DB Packet Storm
246223 5.5 MEDIUM
Local
gnu binutils The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argumen… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound
CVE-2018-20673 2024-11-21 13:01 2019-01-5 Show GitHub Exploit DB Packet Storm
246224 5.5 MEDIUM
Local
gnu binutils load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size. CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound
CVE-2018-20671 2024-11-21 13:01 2019-01-5 Show GitHub Exploit DB Packet Storm
246225 9.8 CRITICAL
Network
zohocorp manageengine_adselfservice_plus Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license. CWE-611
XXE
CVE-2018-20664 2024-11-21 13:01 2019-01-4 Show GitHub Exploit DB Packet Storm
246226 5.4 MEDIUM
Network
haulmont cuba_platform
reporting
The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports > Reports" name field. CWE-79
Cross-site Scripting
CVE-2018-20663 2024-11-21 13:01 2019-01-4 Show GitHub Exploit DB Packet Storm
246227 9.8 CRITICAL
Network
cdatatec epon_cpe-wifi_devices_firmware EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies. CWE-565
 Reliance on Cookies without Validation and Integrity Checking
CVE-2018-20512 2024-11-21 13:01 2019-01-4 Show GitHub Exploit DB Packet Storm
246228 6.1 MEDIUM
Network
chinamobile gpn2.4p21-c-cn_firmware ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter. CWE-79
Cross-site Scripting
CVE-2018-20326 2024-11-21 13:01 2019-01-3 Show GitHub Exploit DB Packet Storm
246229 7.8 HIGH
Local
exiftool_project exiftool ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this… CWE-427
 Uncontrolled Search Path Element
CVE-2018-20211 2024-11-21 13:01 2019-01-3 Show GitHub Exploit DB Packet Storm
246230 6.5 MEDIUM
Network
freedesktop
debian
fedoraproject
canonical
redhat
poppler
debian_linux
fedora
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux
enterprise_linux_eus
enterprise_linu…
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by craft… CWE-20
 Improper Input Validation 
CVE-2018-20662 2024-11-21 13:01 2019-01-3 Show GitHub Exploit DB Packet Storm