Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 26, 2026, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257111	6.8	警告	AmmSoft	-	AmmSoft ScriptFTP にバッファオーバーフローの脆弱性	-	CVE-2011-3976	2011-09-27 10:58	2011-09-21	Show	GitHub Exploit DB Packet Storm

257112	10	危険	Measuresoft Development Ltd.	-	Measuresoft ScadaPro の service.exe におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3490	2011-09-26 15:59	2011-09-16	Show	GitHub Exploit DB Packet Storm

257113	4.6	警告	レッドハット	-	Red Hat Enterprise MRG の Cumin における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2011-2925	2011-09-26 15:43	2011-09-7	Show	GitHub Exploit DB Packet Storm

257114	5	警告	Zoho Corporation	-	ManageEngine ServiceDesk Plus の encryptPassword 関数における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2011-1509	2011-09-26 15:42	2011-09-20	Show	GitHub Exploit DB Packet Storm

257115	4.3	警告	Zoho Corporation	-	ManageEngine ServiceDesk Plus の SolutionSearch.do におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1510	2011-09-26 15:41	2011-09-20	Show	GitHub Exploit DB Packet Storm

257116	10	危険	Measuresoft Development Ltd.	-	Measuresoft ScadaPro の service.exe における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3496	2011-09-26 15:40	2011-09-7	Show	GitHub Exploit DB Packet Storm

257117	10	危険	Measuresoft Development Ltd.	-	Measuresoft ScadaPro の service.exe における任意の DLL を実行される脆弱性	CWE-200 情報漏えい	CVE-2011-3497	2011-09-26 15:40	2011-09-16	Show	GitHub Exploit DB Packet Storm

257118	10	危険	Measuresoft Development Ltd.	-	Measuresoft ScadaPro の service.exe におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-3495	2011-09-26 15:39	2011-09-16	Show	GitHub Exploit DB Packet Storm

257119	4.3	警告	TIBCO Software	-	TIBCO Managed File Transfer および Slingshot におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3423	2011-09-26 15:38	2011-09-13	Show	GitHub Exploit DB Packet Storm

257120	4.3	警告	TIBCO Software	-	TIBCO Managed File Transfer および Slingshot における Web セッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2011-3424	2011-09-26 15:37	2011-09-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 26, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246011	6.1	MEDIUM Network	icinga	icinga_web_2	Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup que…	CWE-79 Cross-site Scripting	CVE-2018-18248	2024-11-21 12:55	2018-12-18	Show	GitHub Exploit DB Packet Storm

246012	5.4	MEDIUM Network	icinga	icinga_web_2	Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter.	CWE-79 Cross-site Scripting	CVE-2018-18247	2024-11-21 12:55	2018-12-18	Show	GitHub Exploit DB Packet Storm

246013	6.5	MEDIUM Network	icinga	icinga_web_2	Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module.	CWE-352 Origin Validation Error	CVE-2018-18246	2024-11-21 12:55	2018-12-18	Show	GitHub Exploit DB Packet Storm

246014	5.4	MEDIUM Network	nagios debian	nagios_core debian_linux	Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.	CWE-79 Cross-site Scripting	CVE-2018-18245	2024-11-21 12:55	2018-12-18	Show	GitHub Exploit DB Packet Storm

246015	9.8	CRITICAL Network	ricoh	myprint	Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets o…	CWE-798 Use of Hard-coded Credentials	CVE-2018-18006	2024-11-21 12:55	2018-12-15	Show	GitHub Exploit DB Packet Storm

246016	7.8	HIGH Local	intel	solid_state_drive_toolbox	Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-18097	2024-11-21 12:55	2018-12-14	Show	GitHub Exploit DB Packet Storm

246017	5.5	MEDIUM Local	intel	quickassist_technology_for_linux	Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-18096	2024-11-21 12:55	2018-12-14	Show	GitHub Exploit DB Packet Storm

246018	7.8	HIGH Local	intel	vtune_amplifier	Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-18093	2024-11-21 12:55	2018-12-14	Show	GitHub Exploit DB Packet Storm

246019	6.1	MEDIUM Network	microfocus	edirectory	Cross site scripting vulnerability in eDirectory prior to 9.1 SP2	CWE-79 Cross-site Scripting	CVE-2018-17952	2024-11-21 12:55	2018-12-12	Show	GitHub Exploit DB Packet Storm

246020	7.5	HIGH Network	microfocus	edirectory	Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2	CWE-863 Incorrect Authorization	CVE-2018-17950	2024-11-21 12:55	2018-12-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed