Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
257261 5 警告 シスコシステムズ - Cisco SA 500 series security appliances における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-2546 2011-12-1 11:14 2011-07-20 Show GitHub Exploit DB Packet Storm
257262 6.8 警告 マイクロソフト
シスコシステムズ
- Cisco VPN Client における権限を取得される脆弱性 CWE-DesignError
CVE-2011-2678 2011-12-1 11:14 2011-07-7 Show GitHub Exploit DB Packet Storm
257263 7.8 危険 シスコシステムズ - Cisco IOS におけるサービス運用妨害 (デバイスリロード) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-2064 2011-12-1 11:12 2011-07-6 Show GitHub Exploit DB Packet Storm
257264 5 警告 シスコシステムズ - Cisco IOS における Router Advertisement Guarding 機能が回避される脆弱性 CWE-16
環境設定
CVE-2011-2395 2011-12-1 11:12 2011-06-9 Show GitHub Exploit DB Packet Storm
257265 7.2 危険 マイクロソフト
シスコシステムズ
- Cisco AnyConnect Secure Mobility Client における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-2041 2011-12-1 11:11 2011-06-1 Show GitHub Exploit DB Packet Storm
257266 10 危険 シスコシステムズ - Cisco Network Registrar におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2011-2024 2011-12-1 11:11 2011-06-1 Show GitHub Exploit DB Packet Storm
257267 1.5 注意 シスコシステムズ - Cisco Unified IP Phones 7900 デバイスにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1637 2011-12-1 11:10 2011-06-1 Show GitHub Exploit DB Packet Storm
257268 10 危険 シスコシステムズ - Cisco Media Processing Software におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2011-1623 2011-12-1 11:08 2011-06-1 Show GitHub Exploit DB Packet Storm
257269 6.6 警告 シスコシステムズ - Cisco Unified IP Phones 7900 における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1603 2011-12-1 11:03 2011-06-1 Show GitHub Exploit DB Packet Storm
257270 6.6 警告 シスコシステムズ - Cisco Unified IP Phone 7900 の su ユーティリティにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1602 2011-12-1 11:03 2011-06-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246921 5.3 MEDIUM
Network
is-my-json-valid_project is-my-json-valid It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause i… - CVE-2018-1107 2024-11-21 12:59 2021-03-30 Show GitHub Exploit DB Packet Storm
246922 7.5 HIGH
Network
ibm security_guardium IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226. CWE-306
Missing Authentication for Critical Function
CVE-2018-1501 2024-11-21 12:59 2020-08-27 Show GitHub Exploit DB Packet Storm
246923 9.8 CRITICAL
Network
apache
fedoraproject
oracle
netapp
log4net
fedora
application_testing_suite
hospitality_simphony
hospitality_opera_5
snapcenter
manageability_software_development_kit
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled … CWE-611
XXE
CVE-2018-1285 2024-11-21 12:59 2020-05-12 Show GitHub Exploit DB Packet Storm
246924 8.1 HIGH
Network
apache
redhat
debian
oracle
fedoraproject
xerces-c\+\+
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_eus
debian_lin…
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library… CWE-416
 Use After Free
CVE-2018-1311 2024-11-21 12:59 2019-12-19 Show GitHub Exploit DB Packet Storm
246925 8.1 HIGH
Network
fortinet fortimanager A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to … CWE-319
Cleartext Transmission of Sensitive Information
CVE-2018-1360 2024-11-21 12:59 2019-04-26 Show GitHub Exploit DB Packet Storm
246926 6.1 MEDIUM
Network
apache zeppelin Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph". CWE-79
Cross-site Scripting
CVE-2018-1328 2024-11-21 12:59 2019-04-24 Show GitHub Exploit DB Packet Storm
246927 8.8 HIGH
Network
apache zeppelin In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication. CWE-287
Improper Authentication
CVE-2018-1317 2024-11-21 12:59 2019-04-24 Show GitHub Exploit DB Packet Storm
246928 6.1 MEDIUM
Network
fortinet fortisandbox A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan com… CWE-79
Cross-site Scripting
CVE-2018-1356 2024-11-21 12:59 2019-04-10 Show GitHub Exploit DB Packet Storm
246929 9.8 CRITICAL
Network
fortinet fortios A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable. CWE-134
Use of Externally-Controlled Format String
CVE-2018-1352 2024-11-21 12:59 2019-02-9 Show GitHub Exploit DB Packet Storm
246930 7.5 HIGH
Network
apache guacamole Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to… CWE-311
Missing Encryption of Sensitive Data
CVE-2018-1340 2024-11-21 12:59 2019-02-8 Show GitHub Exploit DB Packet Storm