Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258271 4.3 警告 Nagios Enterprises, LLC - Nagios の statusmap.c におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1523 2011-07-27 10:24 2011-03-9 Show GitHub Exploit DB Packet Storm
258272 2.1 注意 IBM - IBM WebSphere Application Server における重要なスタックトレース情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-1356 2011-07-27 10:24 2011-07-12 Show GitHub Exploit DB Packet Storm
258273 5.8 警告 IBM - IBM WebSphere Application Server におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1355 2011-07-27 10:23 2011-07-12 Show GitHub Exploit DB Packet Storm
258274 6.8 警告 アップル
サイバートラスト株式会社
FreeType Project
レッドハット		 - FreeType の truetype/ttgxvar.c 内にある ft_var_readpackedpoints 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3855 2011-07-27 09:58 2010-11-16 Show GitHub Exploit DB Packet Storm
258275 6.4 警告 ISC, Inc.
IBM
サイバートラスト株式会社
オラクル
VMware
レッドハット		 - ISC BIND named validator に脆弱性 CWE-Other
その他 		CVE-2010-3614 2011-07-27 09:47 2010-12-2 Show GitHub Exploit DB Packet Storm
258276 4 警告 ISC, Inc.
IBM
サイバートラスト株式会社
ヒューレット・パッカード
オラクル
VMware
レッドハット		 - ISC BIND におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3613 2011-07-27 09:46 2010-12-2 Show GitHub Exploit DB Packet Storm
258277 5 警告 ISC, Inc.
ターボリナックス
レッドハット
オラクル		 - ISC BIND にサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2011-1910 2011-07-27 09:43 2011-05-30 Show GitHub Exploit DB Packet Storm
258278 5 警告 Opera Software ASA - Opera におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-2621 2011-07-26 12:03 2011-06-28 Show GitHub Exploit DB Packet Storm
258279 5 警告 Opera Software ASA - Opera におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-2620 2011-07-26 12:02 2011-06-28 Show GitHub Exploit DB Packet Storm
258280 5 警告 Opera Software ASA - Opera におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-2619 2011-07-26 12:02 2011-06-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
288361 - mulesoft mule_enterprise_management_console Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitra… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-9000 2024-11-21 11:20 2014-11-20 Show GitHub Exploit DB Packet Storm
288362 - xoops xoops SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter. CWE-89
SQL Injection 		CVE-2014-8999 2024-11-21 11:20 2014-11-20 Show GitHub Exploit DB Packet Storm
288363 - x7chat x7_chat lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitrary PHP code via a crafted HTTP header to index.php, which is processed by the preg_replace functio… CWE-94
Code Injection 		CVE-2014-8998 2024-11-21 11:20 2014-11-20 Show GitHub Exploit DB Packet Storm
288364 - digitalvidhya digi_online_examination_system Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an exe… CWE-94
Code Injection 		CVE-2014-8997 2024-11-21 11:20 2014-11-20 Show GitHub Exploit DB Packet Storm
288365 - nibbleblog nibbleblog Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) author_name or (2) content parameter to index.… CWE-79
Cross-site Scripting 		CVE-2014-8996 2024-11-21 11:20 2014-11-20 Show GitHub Exploit DB Packet Storm
288366 - maarch letterbox SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie. CWE-89
SQL Injection 		CVE-2014-8995 2024-11-21 11:20 2014-11-20 Show GitHub Exploit DB Packet Storm
288367 - megnicholas clean_and_simple_contact_form Cross-site scripting (XSS) vulnerability in the Contact Form Clean and Simple (clean-and-simple-contact-form-by-meg-nicholas) plugin 4.4.0 and earlier for WordPress allows remote attackers to inject … CWE-79
Cross-site Scripting 		CVE-2014-8955 2024-11-21 11:20 2014-11-18 Show GitHub Exploit DB Packet Storm
288368 6.1 MEDIUM
Network 		php-fusion phpfusion A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the CMS admin panel. CWE-79
Cross-site Scripting 		CVE-2014-8597 2024-11-21 11:19 2022-02-18 Show GitHub Exploit DB Packet Storm
288369 9.8 CRITICAL
Network 		piwigo lexiglot admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields. CWE-78
OS Command  		CVE-2014-8945 2024-11-21 11:19 2020-06-2 Show GitHub Exploit DB Packet Storm
288370 5.4 MEDIUM
Network 		piwigo lexiglot Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter. CWE-79
Cross-site Scripting 		CVE-2014-8944 2024-11-21 11:19 2020-06-2 Show GitHub Exploit DB Packet Storm