Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250361 7.5 危険 IBM - IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4668 2011-12-5 16:07 2011-12-2 Show GitHub Exploit DB Packet Storm
250362 5 警告 Schneider Electric - Schneider Electric の複数の製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4036 2011-12-5 16:06 2011-10-24 Show GitHub Exploit DB Packet Storm
250363 4.3 警告 Schneider Electric - Schneider Electric の複数の製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4035 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
250364 9.3 危険 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4034 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
250365 4.3 警告 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4033 2011-12-5 16:03 2011-10-24 Show GitHub Exploit DB Packet Storm
250366 5 警告 PrestaShop - Prestashop の admin/displayImage.php における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4545 2011-12-5 16:01 2011-12-2 Show GitHub Exploit DB Packet Storm
250367 4.3 警告 PrestaShop - Prestashop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4544 2011-12-5 16:00 2011-12-1 Show GitHub Exploit DB Packet Storm
250368 4.3 警告 atmail pty ltd - AtMail Open におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4540 2011-12-5 15:58 2011-12-1 Show GitHub Exploit DB Packet Storm
250369 2.6 注意 CloudBees - CloudBees Jenkins の Jenkins Core におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4344 2011-12-2 15:50 2011-11-8 Show GitHub Exploit DB Packet Storm
250370 4.3 警告 シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン) - PowerChute Business Edition におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4263 2011-12-2 12:01 2011-12-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213231 8.8 HIGH
Network 		ofcms_project ofcms An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/s… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9609 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213232 8.8 HIGH
Network 		ofcms_project ofcms An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/uedito… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9608 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213233 5.3 MEDIUM
Network 		medical_store_script_project medical_store_script PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file. CWE-22
Path Traversal 		CVE-2019-9607 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213234 5.4 MEDIUM
Network 		personal_video_collection_script_project personal_video_collection_script PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS via the "Update profile" feature. CWE-79
Cross-site Scripting 		CVE-2019-9606 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213235 6.5 MEDIUM
Network 		1234n minicms MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to delete articles, a different vulnerability than CVE-2018-18891. CWE-352
 Origin Validation Error 		CVE-2019-9603 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213236 7.5 HIGH
Network 		apowersoft apowermanager The ApowerManager application through 3.1.7 for Android allows remote attackers to cause a denial of service via many simultaneous /?Key=PhoneRequestAuthorization requests. NVD-CWE-noinfo
CVE-2019-9601 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213237 7.5 HIGH
Network 		theolivetree ftp_server The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application through 1.32 for Android allows remote attackers to cause a denial of service via a client that makes many connection attempts a… NVD-CWE-noinfo
CVE-2019-9600 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213238 7.5 HIGH
Network 		airdroid airdroid The AirDroid application through 4.2.1.6 for Android allows remote attackers to cause a denial of service (service crash) via many simultaneous sdctl/comm/lite_auth/ requests. NVD-CWE-noinfo
CVE-2019-9599 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213239 6.1 MEDIUM
Network 		appcms appcms AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter. CWE-79
Cross-site Scripting 		CVE-2019-9595 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm
213240 9.8 CRITICAL
Network 		bluecms_project bluecms BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit request. CWE-89
SQL Injection 		CVE-2019-9594 2024-11-21 13:51 2019-03-7 Show GitHub Exploit DB Packet Storm