Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249791 7.5 危険 jonkemp - WordPress 用 WordPress Users プラグインの wp-users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4669 2011-12-5 16:08 2011-12-2 Show GitHub Exploit DB Packet Storm
249792 7.5 危険 IBM - IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4668 2011-12-5 16:07 2011-12-2 Show GitHub Exploit DB Packet Storm
249793 5 警告 Schneider Electric - Schneider Electric の複数の製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4036 2011-12-5 16:06 2011-10-24 Show GitHub Exploit DB Packet Storm
249794 4.3 警告 Schneider Electric - Schneider Electric の複数の製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4035 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
249795 9.3 危険 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4034 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
249796 4.3 警告 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4033 2011-12-5 16:03 2011-10-24 Show GitHub Exploit DB Packet Storm
249797 5 警告 PrestaShop - Prestashop の admin/displayImage.php における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4545 2011-12-5 16:01 2011-12-2 Show GitHub Exploit DB Packet Storm
249798 4.3 警告 PrestaShop - Prestashop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4544 2011-12-5 16:00 2011-12-1 Show GitHub Exploit DB Packet Storm
249799 4.3 警告 atmail pty ltd - AtMail Open におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4540 2011-12-5 15:58 2011-12-1 Show GitHub Exploit DB Packet Storm
249800 2.6 注意 CloudBees - CloudBees Jenkins の Jenkins Core におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4344 2011-12-2 15:50 2011-11-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314491 9.8 CRITICAL
Network 		risearch risearch
risearch_pro 		RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, o… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2004-2061 2024-02-9 04:56 2004-07-27 Show GitHub Exploit DB Packet Storm
314492 9.8 CRITICAL
Network 		siemens db4web DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that sp… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2002-1484 2024-02-9 04:56 2003-04-22 Show GitHub Exploit DB Packet Storm
314493 7.5 HIGH
Network 		adobe acrobat_reader
acrobat 		The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulne… CWE-611
XXE 		CVE-2005-1306 2024-02-9 04:55 2005-06-15 Show GitHub Exploit DB Packet Storm
314494 5.5 MEDIUM
Local 		dump_project dump dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file. CWE-667
 Improper Locking 		CVE-2002-1914 2024-02-9 04:24 2002-12-31 Show GitHub Exploit DB Packet Storm
314495 5.5 MEDIUM
Local 		openbsd
netbsd
freebsd 		openbsd
netbsd
freebsd 		tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. CWE-667
 Improper Locking 		CVE-2002-1915 2024-02-9 04:24 2002-12-31 Show GitHub Exploit DB Packet Storm
314496 7.8 HIGH
Local 		microsoft windows_2000 Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access. CWE-667
 Improper Locking 		CVE-2002-0051 2024-02-9 04:24 2002-04-4 Show GitHub Exploit DB Packet Storm
314497 5.5 MEDIUM
Local 		concurrent_versions_software_project concurrent_versions_software Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use… CWE-667
 Improper Locking 		CVE-2000-0338 2024-02-9 04:23 2000-04-23 Show GitHub Exploit DB Packet Storm
314498 5.5 MEDIUM
Local 		qualcomm qpopper qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. CWE-667
 Improper Locking 		CVE-2000-1198 2024-02-9 04:22 2001-08-31 Show GitHub Exploit DB Packet Storm
314499 9.8 CRITICAL
Network 		gnome
debian 		evolution
debian_linux 		Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte… CWE-190
 Integer Overflow or Wraparound 		CVE-2005-0102 2024-02-9 03:39 2005-01-24 Show GitHub Exploit DB Packet Storm
314500 9.8 CRITICAL
Network 		php
opensuse
suse 		php
opensuse
linux_enterprise 		The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corrupt… CWE-190
 Integer Overflow or Wraparound 		CVE-2010-1866 2024-02-9 03:38 2010-05-8 Show GitHub Exploit DB Packet Storm