Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3361	6.1	警告 Network	spin.js	spin.js	spin.jsにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3884	2026-05-11 11:02	2026-03-11	Show	GitHub Exploit DB Packet Storm

3362	8.3	重要 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2024-30151	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3363	5.7	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2025-31957	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3364	3.5	低 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるメタデータのよる重要な情報の公開に関する脆弱性	CWE-1230 メタデータのよる重要な情報の公開	CVE-2025-31959	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3365	5.3	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2025-31960	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3366	5.3	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-31975	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3367	5.4	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-31984	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3368	7.2	重要 Network	デル	data domain operating system	デルのdata domain operating systemにおけるセッションの固定化の脆弱性	CWE-384 セッションの固定化	CVE-2025-46605	2026-05-11 11:02	2026-04-17	Show	GitHub Exploit DB Packet Storm

3369	7.2	重要 Network	デル	data domain operating system	デルのdata domain operating systemにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2025-46606	2026-05-11 11:01	2026-04-17	Show	GitHub Exploit DB Packet Storm

3370	8.8	重要 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-52613	2026-05-11 11:01	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306451	-	bestpractical	rt	Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-1008	2024-11-21 10:25	2011-03-1	Show	GitHub Exploit DB Packet Storm

306452	-	bestpractical	rt	Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via t…	CWE-255 Credentials Management	CVE-2011-1007	2024-11-21 10:25	2011-03-1	Show	GitHub Exploit DB Packet Storm

306453	-	cisco	secure_desktop	The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this pr…	CWE-20 Improper Input Validation	CVE-2011-0925	2024-11-21 10:25	2011-03-1	Show	GitHub Exploit DB Packet Storm

306454	-	f-secure	policy_manager	The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows …	CWE-200 Information Exposure	CVE-2011-1103	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm

306455	-	f-secure	policy_manager	Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix…	CWE-79 Cross-site Scripting	CVE-2011-1102	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm

306456	-	citrix	licensing_administration_console	Multiple unspecified vulnerabilities in a third-party component of the Citrix Licensing Administration Console 11.6, formerly License Management Console, allow remote attackers to (1) access unauthor…	NVD-CWE-noinfo	CVE-2011-1101	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm

306457	-	logwatch	logwatch	logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.	CWE-20 Improper Input Validation	CVE-2011-1018	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm

306458	-	ca	host-based_intrusion_prevention_system internet_security_suite_2010 internet_security_suite_2011	The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion …	NVD-CWE-Other	CVE-2011-1036	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm

306459	-	cisco	secure_desktop	A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute ar…	CWE-20 Improper Input Validation	CVE-2011-0926	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm

306460	-	pixelpost	pixelpost	Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) select…	CWE-89 SQL Injection	CVE-2011-1100	2024-11-21 10:25	2011-02-26	Show	GitHub Exploit DB Packet Storm