NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年6月22日4:00

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
248051 9.8 CRITICAL
ネットワーク 		cisco video_surveillance_manager A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remo… CWE-798
ハードコードされた認証情報の使用 		CVE-2018-15427 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248052 4.8 MEDIUM
ネットワーク 		cisco unity_connection A vulnerability in the web-based interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-base… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2018-15426 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248053 4.7 MEDIUM
ネットワーク 		cisco hyperflex_hx_data_platform A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to in… CWE-1021
レンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限 		CVE-2018-15423 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248054 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-787
境界外書き込み 		CVE-2018-15422 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248055 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-787
境界外書き込み 		CVE-2018-15421 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248056 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15420 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248057 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-787
境界外書き込み 		CVE-2018-15419 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248058 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33
webex_business_suite_31 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-191
整数アンダーフロー 		CVE-2018-15418 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248059 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15417 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248060 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15416 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248061 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15415 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248062 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15414 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248063 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15413 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248064 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15412 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248065 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15411 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248066 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33
webex_business_suite_31 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15410 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248067 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_31
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15409 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248068 7.8 HIGH
ローカル 		cisco webex_meetings_online
webex_meetings_server
webex_business_suite_32
webex_business_suite_33 		A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected sys… CWE-20
不適切な入力確認 		CVE-2018-15408 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248069 6.1 MEDIUM
ネットワーク 		cisco ucs_director A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2018-15406 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248070 6.5 MEDIUM
ネットワーク 		cisco ucs_director A vulnerability in the web interface for specific feature sets of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to acces… CWE-863
不正な認証 		CVE-2018-15405 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248071 6.5 MEDIUM
ネットワーク 		cisco unified_computing_system_director
integrated_management_controller_supervisor 		A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS)… CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2018-15404 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248072 5.4 MEDIUM
ネットワーク 		cisco unified_communications_manager
unity_connection
unified_communications_manager_im_and_presence_service
emergency_responder 		A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could a… CWE-601
オープンリダイレクト 		CVE-2018-15403 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248073 6.5 MEDIUM
ネットワーク 		cisco hosted_collaboration_mediation_fulfillment A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF… CWE-352
同一生成元ポリシー違反 		CVE-2018-15401 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248074 6.1 MEDIUM
ネットワーク 		cisco cloud_services_platform_2100_firmware A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a us… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2018-15400 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248075 6.8 MEDIUM
ネットワーク 		cisco adaptive_security_appliance_software
firepower_threat_defense 		A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhau… CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2018-15399 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248076 4.0 MEDIUM
ネットワーク 		cisco adaptive_security_appliance_software
firepower_threat_defense 		A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker … NVD-CWE-noinfo
CVE-2018-15398 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248077 6.8 MEDIUM
ネットワーク 		cisco firepower_management_center
adaptive_security_appliance_software 		A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Softw… NVD-CWE-noinfo
CVE-2018-15397 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248078 6.8 MEDIUM
ネットワーク 		cisco unity_connection A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) c… CWE-400
リソースの枯渇 		CVE-2018-15396 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248079 4.3 MEDIUM
隣接 		cisco industrial_network_director A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to im… NVD-CWE-noinfo
CVE-2018-15392 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248080 7.5 HIGH
ネットワーク 		cisco remote A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially caus… CWE-682
計算の誤り 		CVE-2018-15391 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248081 6.8 MEDIUM
ネットワーク 		cisco firepower_threat_defense A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a den… CWE-667
不適切なロック 		CVE-2018-15390 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248082 9.8 CRITICAL
ネットワーク 		cisco prime_collaboration A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard… CWE-798
ハードコードされた認証情報の使用 		CVE-2018-15389 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248083 9.8 CRITICAL
ネットワーク 		cisco digital_network_architecture_center A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management … NVD-CWE-noinfo
CVE-2018-15386 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248084 7.5 HIGH
ネットワーク 		cisco firepower_threat_defense
adaptive_security_appliance_software 		A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, … CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2018-15383 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248085 8.6 HIGH
ネットワーク 		cisco hyperflex_hx_data_platform A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present … CWE-642
重要な状態データの外部制御 		CVE-2018-15382 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248086 9.8 CRITICAL
ネットワーク 		cisco prime_infrastructure A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. Th… CWE-732
重要なリソースに対する不適切なパーミッションの割り当て 		CVE-2018-15379 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248087 8.6 HIGH
ネットワーク 		cisco ios A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote … CWE-401
有効期限後のメモリの解放の欠如 		CVE-2018-15377 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248088 6.7 MEDIUM
ローカル 		cisco ios A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values… CWE-123
任意の場所に任意の値を書き込み可能な状態 		CVE-2018-15376 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248089 6.7 MEDIUM
ローカル 		cisco ios A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values… CWE-123
任意の場所に任意の値を書き込み可能な状態 		CVE-2018-15375 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248090 6.7 MEDIUM
ローカル 		cisco ios_xe A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulner… CWE-347
デジタル署名の不適切な検証 		CVE-2018-15374 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248091 7.4 HIGH
隣接 		cisco ios_xe
ios 		A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on … CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2018-15373 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248092 8.1 HIGH
隣接 		cisco ios_xe A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, ad… NVD-CWE-noinfo
CVE-2018-15372 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248093 6.7 MEDIUM
ローカル 		cisco ios_xe A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of … CWE-287
不適切な認証 		CVE-2018-15371 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248094 6.8 MEDIUM
物理 		cisco ios_rom_monitor A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and loa… NVD-CWE-noinfo
CVE-2018-15370 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248095 6.8 MEDIUM
ネットワーク 		cisco ios_xe
ios 		A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a d… CWE-20
不適切な入力確認 		CVE-2018-15369 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248096 6.7 MEDIUM
ローカル 		cisco ios_xe A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary comman… CWE-78
OSコマンド・インジェクション 		CVE-2018-15368 2024-11-21 12:50 2018-10-5 表示 GitHub Exploit DB Packet Storm
248097 5.4 MEDIUM
ネットワーク 		trendmicro deep_discovery_inspector A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable insta… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2018-15365 2024-11-21 12:50 2018-09-29 表示 GitHub Exploit DB Packet Storm
248098 9.8 CRITICAL
ネットワーク 		isweb isweb CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php (one can take the control of the… CWE-22
パス・トラバーサル 		CVE-2018-14957 2024-11-21 12:50 2018-09-28 表示 GitHub Exploit DB Packet Storm
248099 9.8 CRITICAL
ネットワーク 		isweb isweb CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information. CWE-89
SQLインジェクション 		CVE-2018-14956 2024-11-21 12:50 2018-09-28 表示 GitHub Exploit DB Packet Storm
248100 7.8 HIGH
ローカル 		vectra cognito Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability. NVD-CWE-noinfo
CVE-2018-14891 2024-11-21 12:50 2018-09-22 表示 GitHub Exploit DB Packet Storm