Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
258981 9.3 危険 マイクロソフト - 複数の Microsoft Office 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-0978 2011-05-2 14:16 2011-02-10 Show GitHub Exploit DB Packet Storm
258982 9.3 危険 マイクロソフト - 複数の Microsoft Office 製品における整数アンダーフローの脆弱性 CWE-189
数値処理の問題
CVE-2011-0097 2011-05-2 14:14 2011-04-12 Show GitHub Exploit DB Packet Storm
258983 9.3 危険 マイクロソフト - Microsoft Windows の OpenType Compact Font Format ドライバにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-0034 2011-05-2 14:14 2011-04-12 Show GitHub Exploit DB Packet Storm
258984 9.3 危険 マイクロソフト - Microsoft の JScript および VBScript スクリプトエンジンにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2011-0663 2011-05-2 14:13 2011-04-12 Show GitHub Exploit DB Packet Storm
258985 7.5 危険 マイクロソフト - Microsoft Windows の DNS クライアント内にある DNSAPI.dll における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-0657 2011-05-2 14:12 2011-04-12 Show GitHub Exploit DB Packet Storm
258986 9.3 危険 マイクロソフト - Microsoft Windows および Office XP の GDI+ 内にある gdiplus.dll における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2011-0041 2011-05-2 14:11 2011-04-12 Show GitHub Exploit DB Packet Storm
258987 9.3 危険 マイクロソフト - Microsoft .NET Framework の x86 JIT コンパイラにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3958 2011-05-2 14:09 2011-04-12 Show GitHub Exploit DB Packet Storm
258988 9.3 危険 マイクロソフト - Microsoft Windows XP の Windows Messenger ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-1243 2011-05-2 14:08 2011-04-12 Show GitHub Exploit DB Packet Storm
258989 10 危険 マイクロソフト - Microsoft Windows の SMB サーバサービスにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-0661 2011-05-2 14:06 2011-04-12 Show GitHub Exploit DB Packet Storm
258990 9.3 危険 マイクロソフト - 複数の Microsoft 製品の SMB クライアントにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-0660 2011-05-2 14:05 2011-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247721 5.5 MEDIUM
Local
dcraw_project dcraw A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-19567 2024-11-21 12:58 2018-11-27 Show GitHub Exploit DB Packet Storm
247722 7.1 HIGH
Local
dcraw_project dcraw A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private informati… CWE-125
Out-of-bounds Read
CVE-2018-19566 2024-11-21 12:58 2018-11-27 Show GitHub Exploit DB Packet Storm
247723 7.1 HIGH
Local
dcraw_project dcraw A buffer over-read in crop_masked_pixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private informatio… CWE-125
Out-of-bounds Read
CVE-2018-19565 2024-11-21 12:58 2018-11-27 Show GitHub Exploit DB Packet Storm
247724 6.1 MEDIUM
Network
goldplugins easy_testimonials Stored XSS was discovered in the Easy Testimonials plugin 3.2 for WordPress. Three wp-admin/post.php parameters (_ikcf_client and _ikcf_position and _ikcf_other) have Cross-Site Scripting. CWE-79
Cross-site Scripting
CVE-2018-19564 2024-11-21 12:58 2018-11-27 Show GitHub Exploit DB Packet Storm
247725 8.8 HIGH
Network
phpok phpok An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2018-19562 2024-11-21 12:58 2018-11-26 Show GitHub Exploit DB Packet Storm
247726 8.8 HIGH
Network
sikcms sikcms sikcms 1.1 has CSRF via admin.php?m=Admin&c=Users&a=userAdd to add an administrator account. CWE-352
 Origin Validation Error
CVE-2018-19561 2024-11-21 12:58 2018-11-26 Show GitHub Exploit DB Packet Storm
247727 8.8 HIGH
Network
bagesoft bagecms BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account. CWE-352
 Origin Validation Error
CVE-2018-19560 2024-11-21 12:58 2018-11-26 Show GitHub Exploit DB Packet Storm
247728 9.8 CRITICAL
Network
cuppacms cuppacms CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter. CWE-89
SQL Injection
CVE-2018-19559 2024-11-21 12:58 2018-11-26 Show GitHub Exploit DB Packet Storm
247729 9.8 CRITICAL
Network
arcms_project arcms An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and comp/Db/Mysql.php. CWE-89
SQL Injection
CVE-2018-19558 2024-11-21 12:58 2018-11-26 Show GitHub Exploit DB Packet Storm
247730 9.8 CRITICAL
Network
arcms_project arcms An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main, user/useradd, or img/images. CWE-89
SQL Injection
CVE-2018-19557 2024-11-21 12:58 2018-11-26 Show GitHub Exploit DB Packet Storm