Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
258901 5 警告 オラクル - Oracle Database Server の Network Foundation コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0806 2011-05-11 11:00 2011-04-19 Show GitHub Exploit DB Packet Storm
258902 4.3 警告 オラクル - Oracle Database Server の UIX コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0805 2011-05-11 10:58 2011-04-19 Show GitHub Exploit DB Packet Storm
258903 3.6 注意 オラクル - Oracle Database Server の Database Vault コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0804 2011-05-11 10:58 2011-04-19 Show GitHub Exploit DB Packet Storm
258904 6.5 警告 オラクル - Oracle Database Server の Oracle Warehouse Builder コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0799 2011-05-11 10:57 2011-04-19 Show GitHub Exploit DB Packet Storm
258905 3.6 注意 オラクル - Oracle Database Server の Database Vault コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0793 2011-05-11 10:55 2011-04-19 Show GitHub Exploit DB Packet Storm
258906 6.5 警告 オラクル - Oracle Database Server の Oracle Warehouse Builder コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0792 2011-05-11 10:54 2011-04-19 Show GitHub Exploit DB Packet Storm
258907 5.5 警告 オラクル - 複数の Oracle 製品の Application Service Level Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0787 2011-05-11 10:53 2011-04-19 Show GitHub Exploit DB Packet Storm
258908 4.3 警告 オラクル - 複数の Oracle 製品の Oracle Help コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0785 2011-05-11 10:52 2011-04-19 Show GitHub Exploit DB Packet Storm
258909 - - Wireshark - Wireshark に脆弱性 - - 2011-05-11 10:51 2011-04-19 Show GitHub Exploit DB Packet Storm
258910 6.8 警告 LibTIFF
レッドハット
- LibTIFF の OJPEG デコーダにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-5022 2011-05-11 10:50 2011-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246931 7.5 HIGH
Network
apache hadoop In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the di… CWE-200
Information Exposure
CVE-2018-1296 2024-11-21 12:59 2019-02-8 Show GitHub Exploit DB Packet Storm
246932 7.5 HIGH
Network
apache
debian
f5
oracle
thrift
debian_linux
traffix_signaling_delivery_controller
global_lifecycle_management_opatch
nosql_database
Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine … CWE-295
Improper Certificate Validation 
CVE-2018-1320 2024-11-21 12:59 2019-01-8 Show GitHub Exploit DB Packet Storm
246933 9.8 CRITICAL
Network
netatalk
synology
debian
netatalk
skynas
diskstation_manager
router_manager
vs960hd_firmware
debian_linux
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage th… CWE-787
 Out-of-bounds Write
CVE-2018-1160 2024-11-21 12:59 2018-12-21 Show GitHub Exploit DB Packet Storm
246934 4.3 MEDIUM
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This c… CWE-384
 Session Fixation
CVE-2018-1485 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm
246935 3.7 LOW
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending … CWE-384
 Session Fixation
CVE-2018-1484 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm
246936 5.3 MEDIUM
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs … CWE-200
Information Exposure
CVE-2018-1481 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm
246937 5.3 MEDIUM
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly' attribute on authorization tokens or session cookies. If a Cross-Site Scripting vulnerability also existed a… CWE-384
 Session Fixation
CVE-2018-1480 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm
246938 6.1 MEDIUM
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remot… CWE-20
 Improper Input Validation 
CVE-2018-1478 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm
246939 7.5 HIGH
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force I… CWE-200
Information Exposure
CVE-2018-1476 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm
246940 4.7 MEDIUM
Network
ibm bigfix_platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit … CWE-74
Injection
CVE-2018-1474 2024-11-21 12:59 2018-12-13 Show GitHub Exploit DB Packet Storm