Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 12:08 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
259001 2.1 注意 オラクル - Oracle Solaris 10 に認証情報漏えいの脆弱性 - CVE-2011-0412 2011-04-28 15:27 2011-04-6 Show GitHub Exploit DB Packet Storm
259002 - - デル - Dell Kace K2000 Systems Deployment Appliance に脆弱性 - - 2011-04-28 15:21 2011-04-6 Show GitHub Exploit DB Packet Storm
259003 - - ネットギア - Netgear Prosafe Wireless-N Access Point に複数の脆弱性 - - 2011-04-28 15:19 2011-04-6 Show GitHub Exploit DB Packet Storm
259004 7.2 危険 Prefix WhoIs Project - pWhois Layer Four Traceroute に権限昇格の脆弱性 CWE-noinfo
情報不足
CVE-2011-0765 2011-04-28 15:18 2011-04-5 Show GitHub Exploit DB Packet Storm
259005 6.9 警告 レッドハット - policycoreutils パッケージの seunshare_mount 関数における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1011 2011-04-28 15:11 2011-02-24 Show GitHub Exploit DB Packet Storm
259006 4.3 警告 マイクロソフト - Microsoft Windows にスクリプトインジェクションの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-0096 2011-04-28 14:33 2011-01-31 Show GitHub Exploit DB Packet Storm
259007 9.3 危険 マイクロソフト - Microsoft WMI Administrative Tools の WBEMSingleView.ocx ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-3973 2011-04-28 14:29 2010-12-23 Show GitHub Exploit DB Packet Storm
259008 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-0811 2011-04-28 14:25 2010-06-8 Show GitHub Exploit DB Packet Storm
259009 5 警告 ProFTPD Project - ProFTPD の mod_sftp モジュールにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2011-1137 2011-04-27 11:59 2011-01-24 Show GitHub Exploit DB Packet Storm
259010 6.8 警告 IBM - IBM AIX の LDAP ログイン機能における認証を回避される脆弱性 CWE-287
不適切な認証
CVE-2011-1561 2011-04-27 11:57 2011-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249141 6.5 MEDIUM
Network
apache tika A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-17197 2024-11-21 12:54 2018-12-24 Show GitHub Exploit DB Packet Storm
249142 5.9 MEDIUM
Network
elastic elasticsearch Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java … CWE-611
XXE
CVE-2018-17247 2024-11-21 12:54 2018-12-21 Show GitHub Exploit DB Packet Storm
249143 9.8 CRITICAL
Network
elastic
redhat
kibana
openshift_container_platform
Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to exe… CWE-829
 Inclusion of Functionality from Untrusted Control Sphere
CVE-2018-17246 2024-11-21 12:54 2018-12-21 Show GitHub Exploit DB Packet Storm
249144 9.8 CRITICAL
Network
elastic kibana Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports. If a report requests external resources plainte… CWE-522
 Insufficiently Protected Credentials
CVE-2018-17245 2024-11-21 12:54 2018-12-21 Show GitHub Exploit DB Packet Storm
249145 6.5 MEDIUM
Network
elastic elasticsearch Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive… CWE-200
Information Exposure
CVE-2018-17244 2024-11-21 12:54 2018-12-21 Show GitHub Exploit DB Packet Storm
249146 6.1 MEDIUM
Network
apache nifi The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sani… CWE-79
Cross-site Scripting
CVE-2018-17193 2024-11-21 12:54 2018-12-19 Show GitHub Exploit DB Packet Storm
249147 6.5 MEDIUM
Network
apache nifi The X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplicate or missing security headers. Some browsers would interpret these results incorrectly, allowing c… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames
CVE-2018-17192 2024-11-21 12:54 2018-12-19 Show GitHub Exploit DB Packet Storm
249148 7.5 HIGH
Network
apache nifi The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack. The required attack … CWE-319
CWE-863
Cleartext Transmission of Sensitive Information
 Incorrect Authorization
CVE-2018-17195 2024-11-21 12:54 2018-12-19 Show GitHub Exploit DB Packet Storm
249149 7.5 HIGH
Network
apache nifi When a client request to a cluster node was replicated to other nodes in the cluster for verification, the Content-Length was forwarded. On a DELETE request, the body was ignored, but if the initial … CWE-20
 Improper Input Validation 
CVE-2018-17194 2024-11-21 12:54 2018-12-19 Show GitHub Exploit DB Packet Storm
249150 9.8 CRITICAL
Network
dlink dva-5592_firmware An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If the PIN of the page "/ui/cbpc/login" is the default Parental Control PIN (0000), it is possible to bypass the login form by editi… CWE-287
Improper Authentication
CVE-2018-17777 2024-11-21 12:54 2018-12-19 Show GitHub Exploit DB Packet Storm