Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
258091 10 危険 Measuresoft Development Ltd. - Measuresoft ScadaPro の service.exe におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2011-3495 2011-09-26 15:39 2011-09-16 Show GitHub Exploit DB Packet Storm
258092 4.3 警告 TIBCO Software - TIBCO Managed File Transfer および Slingshot におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-3423 2011-09-26 15:38 2011-09-13 Show GitHub Exploit DB Packet Storm
258093 4.3 警告 TIBCO Software - TIBCO Managed File Transfer および Slingshot における Web セッションをハイジャックされる脆弱性 CWE-Other
その他
CVE-2011-3424 2011-09-26 15:37 2011-09-13 Show GitHub Exploit DB Packet Storm
258094 10 危険 シスコシステムズ - Cisco Unified Service Monitor における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-2738 2011-09-22 15:55 2011-09-14 Show GitHub Exploit DB Packet Storm
258095 6.8 警告 Jaspersoft - JasperServer にクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2011-1911 2011-09-22 15:54 2011-09-16 Show GitHub Exploit DB Packet Storm
258096 7.5 危険 LifeSize Communications - LifeSize Room appliance の Web インターフェイスにおける任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-2763 2011-09-22 15:50 2011-09-2 Show GitHub Exploit DB Packet Storm
258097 5 警告 LifeSize Communications - LifeSize Room appliance の Web インターフェイスにおける認証を回避される脆弱性 CWE-287
不適切な認証
CVE-2011-2762 2011-09-22 15:49 2011-09-2 Show GitHub Exploit DB Packet Storm
258098 7.5 危険 Myrephp Programming - MYRE Real Estate Software の findagent.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-3394 2011-09-21 15:52 2011-09-15 Show GitHub Exploit DB Packet Storm
258099 4.3 警告 Myrephp Programming - MYRE Real Estate Software の findagent.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-3393 2011-09-21 15:51 2011-09-15 Show GitHub Exploit DB Packet Storm
258100 10 危険 Scadatec Limited - Scadatec Limited Procyon SCADA におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-3322 2011-09-21 15:51 2011-09-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253141 5.3 MEDIUM
Network
digium
debian
asterisk
certified_asterisk
debian_linux
An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2.… CWE-200
Information Exposure
CVE-2018-12227 2024-11-21 12:44 2018-06-12 Show GitHub Exploit DB Packet Storm
253142 7.8 HIGH
Local
md4c_project md4c md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-12112 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253143 6.1 MEDIUM
Network
canon efi_printme Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI. CWE-79
Cross-site Scripting
CVE-2018-12111 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253144 7.2 HIGH
Network
portfoliocms_project portfoliocms portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. CWE-89
SQL Injection
CVE-2018-12110 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253145 7.8 HIGH
Local
flif flif An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap… CWE-787
 Out-of-bounds Write
CVE-2018-12109 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253146 5.5 MEDIUM
Local
dropbox lepton An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE and application crash) via a malformed … CWE-20
 Improper Input Validation 
CVE-2018-12108 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253147 5.5 MEDIUM
Local
md4c_project md4c md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block. CWE-476
 NULL Pointer Dereference
CVE-2018-12102 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253148 4.8 MEDIUM
Network
sonatype nexus_repository_manager Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI. CWE-79
Cross-site Scripting
CVE-2018-12100 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253149 6.1 MEDIUM
Network
grafana
netapp
grafana
active_iq_performance_analytics_services
storagegrid_webscale_nas_bridge
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. CWE-79
Cross-site Scripting
CVE-2018-12099 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253150 5.4 MEDIUM
Network
oecms_project oecms A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php. CWE-79
Cross-site Scripting
CVE-2018-12095 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm