Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
257841 6.8 警告 アップル - Apple Mac OS X の QuickTime における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2011-3221 2011-10-26 09:41 2011-10-14 Show GitHub Exploit DB Packet Storm
257842 6.8 警告 Django Software Foundation - Django の CSRF 保護メカニズムにおける認証されずに偽造されたリクエストを誘発される脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2011-4140 2011-10-25 16:54 2011-09-9 Show GitHub Exploit DB Packet Storm
257843 5 警告 Django Software Foundation - Django におけるキャッシュポイズニング攻撃を誘発される脆弱性 CWE-20
不適切な入力確認
CVE-2011-4139 2011-10-25 16:54 2011-09-9 Show GitHub Exploit DB Packet Storm
257844 5 警告 Django Software Foundation - Django の URLField 実装内にある verify_exists 機能における任意の GET リクエストを誘発される脆弱性 CWE-20
不適切な入力確認
CVE-2011-4138 2011-10-25 16:53 2011-09-9 Show GitHub Exploit DB Packet Storm
257845 5 警告 Django Software Foundation - Django の URLField 実装内にある verify_exists 機能におけるサービス運用妨害 (リソース消費) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-4137 2011-10-25 16:53 2011-09-9 Show GitHub Exploit DB Packet Storm
257846 5.8 警告 Django Software Foundation - Django の django.contrib.sessions におけるセッションを変更される脆弱性 CWE-20
不適切な入力確認
CVE-2011-4136 2011-10-25 16:52 2011-09-9 Show GitHub Exploit DB Packet Storm
257847 4.3 警告 シスコシステムズ - Cisco TelePresence Video Communication Servers の管理インターフェイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-3294 2011-10-25 16:50 2011-10-12 Show GitHub Exploit DB Packet Storm
257848 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-3162 2011-10-25 16:50 2011-10-18 Show GitHub Exploit DB Packet Storm
257849 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-3161 2011-10-25 16:49 2011-10-18 Show GitHub Exploit DB Packet Storm
257850 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-3160 2011-10-25 16:48 2011-10-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251461 6.5 MEDIUM
Network
h2database h2 An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database… CWE-59
Link Following
CVE-2018-14335 2024-11-21 12:48 2018-07-24 Show GitHub Exploit DB Packet Storm
251462 9.8 CRITICAL
Network
brynamics online_trade Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithc… CWE-200
Information Exposure
CVE-2018-14328 2024-11-21 12:48 2018-07-24 Show GitHub Exploit DB Packet Storm
251463 7.5 HIGH
Network
tp-link wr840n TP-Link WR840N devices allow remote attackers to cause a denial of service (connectivity loss) via a series of packets with random MAC addresses. CWE-20
 Improper Input Validation 
CVE-2018-14336 2024-11-21 12:48 2018-07-20 Show GitHub Exploit DB Packet Storm
251464 5.5 MEDIUM
Local
clementine-player clementine An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline:… CWE-476
 NULL Pointer Dereference
CVE-2018-14332 2024-11-21 12:48 2018-07-20 Show GitHub Exploit DB Packet Storm
251465 7.5 HIGH
Network
axmldec_project axmldec axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp. CWE-787
 Out-of-bounds Write
CVE-2018-14402 2024-11-21 12:48 2018-07-19 Show GitHub Exploit DB Packet Storm
251466 7.5 HIGH
Network
axml_parser_project axml_parser CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read. CWE-125
Out-of-bounds Read
CVE-2018-14401 2024-11-21 12:48 2018-07-19 Show GitHub Exploit DB Packet Storm
251467 9.8 CRITICAL
Network
phpcms_project phpcms libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content]… CWE-94
Code Injection
CVE-2018-14399 2024-11-21 12:48 2018-07-19 Show GitHub Exploit DB Packet Storm
251468 6.5 MEDIUM
Network
debian
ffmpeg
debian_linux
ffmpeg
libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the M… CWE-369
 Divide By Zero
CVE-2018-14395 2024-11-21 12:48 2018-07-19 Show GitHub Exploit DB Packet Storm
251469 6.5 MEDIUM
Network
ffmpeg ffmpeg libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file. CWE-369
 Divide By Zero
CVE-2018-14394 2024-11-21 12:48 2018-07-19 Show GitHub Exploit DB Packet Storm
251470 6.1 MEDIUM
Network
mybb new_threads The New Threads plugin before 1.2 for MyBB has XSS. CWE-79
Cross-site Scripting
CVE-2018-14392 2024-11-21 12:48 2018-07-19 Show GitHub Exploit DB Packet Storm