Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257481 7.5 危険 RADVISION - RADVISION iVIEW Suite における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1328 2011-05-19 12:01 2011-05-19 Show GitHub Exploit DB Packet Storm
257482 10 危険 シスコシステムズ - Cisco IOS の PKI 機能における認証を回避される脆弱性 CWE-310
暗号の問題 		CVE-2011-0935 2011-05-19 11:10 2011-04-14 Show GitHub Exploit DB Packet Storm
257483 7.2 危険 IBM - IBM Lotus Domino のサーバコンソールにおける重要な情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2011-1520 2011-05-19 11:08 2011-03-25 Show GitHub Exploit DB Packet Storm
257484 10 危険 IBM - IBM Lotus Domino の リモートコンソールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-1519 2011-05-19 11:06 2011-03-25 Show GitHub Exploit DB Packet Storm
257485 4.3 警告 Apache Software Foundation
Steinar H. Gunderson		 - Steinar H. Gunderson mpm-itk Multi-Processing Module における権限を取得される脆弱性 CWE-16
環境設定 		CVE-2011-1176 2011-05-19 11:04 2011-03-29 Show GitHub Exploit DB Packet Storm
257486 4.9 警告 IBM
Apache Software Foundation
アップル
サイバートラスト株式会社
ヒューレット・パッカード
ターボリナックス
オラクル
レッドハット		 - Apache HTTP Server における AllowOverride ディレクティブの処理に関する権限昇格の脆弱性 CWE-16
環境設定 		CVE-2009-1195 2011-05-19 09:46 2009-05-28 Show GitHub Exploit DB Packet Storm
257487 4.3 警告 KDE project
レッドハット		 - KDE SC の Konqueror 内にある KHTMLPart::htmlError 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1168 2011-05-18 18:30 2011-04-21 Show GitHub Exploit DB Packet Storm
257488 4.3 警告 KDE project
レッドハット		 - kdelibs の kio/kio/tcpslavebase.cpp における任意の SSL サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1094 2011-05-18 18:26 2011-04-21 Show GitHub Exploit DB Packet Storm
257489 5.8 警告 KDE project
レッドハット		 - KDE SC の KGet 内にある KGetMetalink::File::isValidNameAttr 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-1586 2011-05-18 18:25 2011-04-21 Show GitHub Exploit DB Packet Storm
257490 9.3 危険 アドビシステムズ - 複数の Adobe 製品の CoolType ライブラリにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0610 2011-05-18 18:24 2011-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290431 - owncloud owncloud Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery and (2) core components in ownCloud Server before 5.016 and 6.0.x before 6.0.3 allow remote attackers to inject arbitrary web sc… CWE-79
Cross-site Scripting 		CVE-2014-3833 2024-11-21 11:08 2014-06-4 Show GitHub Exploit DB Packet Storm
290432 - owncloud owncloud Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possi… CWE-79
Cross-site Scripting 		CVE-2014-3832 2024-11-21 11:08 2014-06-4 Show GitHub Exploit DB Packet Storm
290433 - lucidcrew pixie Multiple cross-site scripting (XSS) vulnerabilities in the contact module (admin/modules/contact.php) in Pixie CMS 1.04 allow remote attackers to inject arbitrary web script or HTML via the (1) uemai… CWE-79
Cross-site Scripting 		CVE-2014-3786 2024-11-21 11:08 2014-06-4 Show GitHub Exploit DB Packet Storm
290434 - gnu gnutls Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (me… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-3466 2024-11-21 11:08 2014-06-3 Show GitHub Exploit DB Packet Storm
290435 - vmware vcenter_server_appliance Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3790 2024-11-21 11:08 2014-06-1 Show GitHub Exploit DB Packet Storm
290436 - vmware player
esxi
fusion
workstation 		VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows gue… NVD-CWE-Other
CVE-2014-3793 2024-11-21 11:08 2014-05-31 Show GitHub Exploit DB Packet Storm
290437 - citrix vdi-in-a-box Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 and 5.4.x before 5.4.4 allows remote attackers to bypass authentication via unspecified vectors, related to a Java servlet. CWE-287
Improper Authentication 		CVE-2014-3780 2024-11-21 11:08 2014-05-30 Show GitHub Exploit DB Packet Storm
290438 - jasig uportal uPortal before 4.0.13.1 does not properly check the CONFIG permission, which allows remote authenticated users to configure portlets by leveraging the SUBSCRIBE permission for a portlet. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3417 2024-11-21 11:08 2014-05-29 Show GitHub Exploit DB Packet Storm
290439 - jasig uportal uPortal before 4.0.13.1 does not properly check the MANAGE permissions, which allows remote authenticated users to manage arbitrary portlets by leveraging the SUBSCRIBE permission for the portlet-adm… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3416 2024-11-21 11:08 2014-05-29 Show GitHub Exploit DB Packet Storm
290440 - sharetronix sharetronix SQL injection vulnerability in Sharetronix before 3.4 allows remote authenticated users to execute arbitrary SQL commands via the invite_users[] parameter to the /invite page for a group. CWE-89
SQL Injection 		CVE-2014-3415 2024-11-21 11:08 2014-05-29 Show GitHub Exploit DB Packet Storm