Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
259461 5 警告 Google
レッドハット
- WebKit の CSSParser::parseFontFaceSrc 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2010-4577 2011-02-22 14:07 2010-12-13 Show GitHub Exploit DB Packet Storm
259462 5 警告 シスコシステムズ - Cisco Adaptive Security Appliances デバイス上で稼働する Mobile User Security における重要な情報を取得される脆弱性 CWE-287
不適切な認証
CVE-2010-4690 2011-02-22 13:58 2011-01-7 Show GitHub Exploit DB Packet Storm
259463 7.8 危険 シスコシステムズ - Cisco Adaptive Security Appliances デバイスにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-4689 2011-02-22 13:56 2011-01-7 Show GitHub Exploit DB Packet Storm
259464 7.8 危険 シスコシステムズ - Cisco Adaptive Security Appliances デバイス上の SIP 検査機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2010-4688 2011-02-22 13:53 2011-01-7 Show GitHub Exploit DB Packet Storm
259465 7.8 危険 シスコシステムズ - CSG2 上で稼働する Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2011-0350 2011-02-22 13:49 2011-01-26 Show GitHub Exploit DB Packet Storm
259466 7.8 危険 シスコシステムズ - CSG2 上で稼働する Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2011-0349 2011-02-22 13:47 2011-01-26 Show GitHub Exploit DB Packet Storm
259467 6.4 警告 シスコシステムズ - CSG2 上で稼働する Cisco IOS におけるアクセスおよび課金などの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-0348 2011-02-22 13:44 2011-01-26 Show GitHub Exploit DB Packet Storm
259468 4.3 警告 Google - Android の com.android.phone プロセスにおけるサービス運用妨害 (DoS) 脆弱性 CWE-noinfo
情報不足
CVE-2009-2999 2011-02-22 11:32 2009-10-14 Show GitHub Exploit DB Packet Storm
259469 5 警告 Google - Android の com.android.phone プロセスにおけるサービス運用妨害 (DoS) 脆弱性 CWE-noinfo
情報不足
CVE-2009-2656 2011-02-22 11:28 2009-08-3 Show GitHub Exploit DB Packet Storm
259470 7.5 危険 OpenBSD - OpenSSH における共有秘密鍵の認証要求を回避される脆弱性 CWE-287
不適切な認証
CVE-2010-4478 2011-02-21 16:53 2010-12-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249521 4.9 MEDIUM
Network
monstra monstra admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/.......//./.......//./&delete_file= requests. CWE-22
Path Traversal
CVE-2018-16819 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249522 8.6 HIGH
Network
microsoft active_directory_federation_services Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls. CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2018-16794 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249523 5.3 MEDIUM
Network
circontrol circarlife_scada An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id. CWE-200
Information Exposure
CVE-2018-16671 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249524 5.3 MEDIUM
Network
circontrol circarlife_scada An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html. CWE-287
Improper Authentication
CVE-2018-16670 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249525 9.8 CRITICAL
Network
circontrol open_charge_point_protocol An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileg… CWE-522
 Insufficiently Protected Credentials
CVE-2018-16669 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249526 5.3 MEDIUM
Network
circontrol circarlife_scada An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository. CWE-287
Improper Authentication
CVE-2018-16668 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249527 9.8 CRITICAL
Network
western_digital my_cloud_wdbctl0020hwt_firmware
my_cloud_pr4100
my_cloud_pr2100_firmware
my_cloud_mirror_gen_2_firmware
my_cloud_mirror_firmware
my_cloud_ex4100
my_cloud_ex4_firmware
my_cloud_ex…
It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authent… CWE-287
Improper Authentication
CVE-2018-17153 2024-11-21 12:53 2018-09-19 Show GitHub Exploit DB Packet Storm
249528 6.1 MEDIUM
Network
oracle webcenter_interaction The login function of Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). The content of the in_hi_redirect parameter, when prefixed with the https:// sc… CWE-79
Cross-site Scripting
CVE-2018-16955 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
249529 6.1 MEDIUM
Network
oracle webcenter_interaction An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The login function of the portal is vulnerable to insecure redirection (also called an open redirect). The in_hi_redirect parame… CWE-601
Open Redirect
CVE-2018-16954 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm
249530 6.1 MEDIUM
Network
oracle webcenter_interaction The AjaxView::DisplayResponse() function of the portalpages.dll assembly in Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). User input from the name … CWE-79
Cross-site Scripting
CVE-2018-16953 2024-11-21 12:53 2018-09-18 Show GitHub Exploit DB Packet Storm