Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259071	4.3	警告	BlackBerry	-	BlackBerry Enterprise Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0307	2011-03-28 15:13	2009-04-16	Show	GitHub Exploit DB Packet Storm

259072	9.3	危険	BlackBerry IBM	-	BlackBerry Desktop Software の IBM Lotus Notes Intellisync ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0306	2011-03-28 15:07	2009-11-3	Show	GitHub Exploit DB Packet Storm

259073	9.3	危険	BlackBerry マイクロソフト	-	BlackBerry Application Web Loader の Motion RIM AxLoader ActiveX コントロールの Research におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0305	2011-03-28 15:05	2009-02-10	Show	GitHub Exploit DB Packet Storm

259074	6.9	警告	サイバートラスト株式会社 VMware kernel.org レッドハット	-	Linux-PAM の pam_namespace.c における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3853	2011-03-28 14:27	2010-11-1	Show	GitHub Exploit DB Packet Storm

259075	4.7	警告	サイバートラスト株式会社 VMware kernel.org レッドハット	-	Linux-PAM の run_coprocess 関数における任意のファイルを読まれる脆弱性	CWE-DesignError	CVE-2010-3435	2011-03-28 14:27	2010-11-1	Show	GitHub Exploit DB Packet Storm

259076	3.3	注意	サイバートラスト株式会社 VMware kernel.org レッドハット	-	Linux-PAM の run_coprocess 関数における任意のファイルを読まれる脆弱性	CWE-DesignError	CVE-2010-3316	2011-03-28 14:26	2010-11-1	Show	GitHub Exploit DB Packet Storm

259077	4.3	警告	ISC, Inc. サイバートラスト株式会社 VMware ターボリナックスレッドハット	-	ISC BIND におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-3762	2011-03-28 14:25	2010-10-5	Show	GitHub Exploit DB Packet Storm

259078	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer に任意のコードが実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-3971	2011-03-28 14:14	2010-12-14	Show	GitHub Exploit DB Packet Storm

259079	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox および SeaMonkey の JavaScript エンジンにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0056	2011-03-25 15:44	2011-03-1	Show	GitHub Exploit DB Packet Storm

259080	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox および SeaMonkey の JavaScript エンジンにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0054	2011-03-25 15:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247011	9.1	CRITICAL Network	apache	hive	This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implement…	CWE-89 SQL Injection	CVE-2018-1282	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247012	8.8	HIGH Network	theforeman redhat	foreman satellite	A flaw was found in foreman before 1.16.1. The issue allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute…	-	CVE-2018-1097	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247013	8.1	HIGH Network	moodle	moodle	A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.	CWE-287 Improper Authentication	CVE-2018-1082	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247014	5.3	MEDIUM Network	moodle	moodle	A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script…	NVD-CWE-noinfo	CVE-2018-1081	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247015	9.8	CRITICAL Network	ibm	api_connect	IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using specially crafted HTTP requests. IBM X-Force ID: 140605.	NVD-CWE-noinfo	CVE-2018-1469	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247016	8.1	HIGH Network	ibm	spectrum_protect_for_virtual_environments spectrum_protect_for_space_management spectrum_protect_snapshot	The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of …	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2018-1447	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247017	7.1	HIGH Network	ibm	datapower_gateway	IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vu…	CWE-611 XXE	CVE-2018-1421	2024-11-21 12:59	2018-04-5	Show	GitHub Exploit DB Packet Storm

247018	5.5	MEDIUM Local	redhat fedoraproject	etcd fedora	DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other add…	CWE-20 Improper Input Validation	CVE-2018-1099	2024-11-21 12:59	2018-04-4	Show	GitHub Exploit DB Packet Storm

247019	8.8	HIGH Network	redhat fedoraproject	etcd fedora	A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done wit…	-	CVE-2018-1098	2024-11-21 12:59	2018-04-4	Show	GitHub Exploit DB Packet Storm

247020	9.8	CRITICAL Network	apache	ignite	In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party v…	CWE-502 Deserialization of Untrusted Data	CVE-2018-1295	2024-11-21 12:59	2018-04-3	Show	GitHub Exploit DB Packet Storm