Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251351	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0655	2011-05-6 10:56	2011-04-12	Show	GitHub Exploit DB Packet Storm

251352	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0980	2011-05-6 10:55	2011-02-10	Show	GitHub Exploit DB Packet Storm

251353	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-0104	2011-05-6 10:54	2011-04-12	Show	GitHub Exploit DB Packet Storm

251354	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-0103	2011-05-6 10:52	2011-04-12	Show	GitHub Exploit DB Packet Storm

251355	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0105	2011-05-2 14:19	2011-04-12	Show	GitHub Exploit DB Packet Storm

251356	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0979	2011-05-2 14:17	2011-02-10	Show	GitHub Exploit DB Packet Storm

251357	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0978	2011-05-2 14:16	2011-02-10	Show	GitHub Exploit DB Packet Storm

251358	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-0097	2011-05-2 14:14	2011-04-12	Show	GitHub Exploit DB Packet Storm

251359	9.3	危険	マイクロソフト	-	Microsoft Windows の OpenType Compact Font Format ドライバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0034	2011-05-2 14:14	2011-04-12	Show	GitHub Exploit DB Packet Storm

251360	9.3	危険	マイクロソフト	-	Microsoft の JScript および VBScript スクリプトエンジンにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-0663	2011-05-2 14:13	2011-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213341	9.8	CRITICAL Network	mobatek	mobaxterm	In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from…	CWE-255 Credentials Management	CVE-2019-7690	2024-11-21 13:48	2019-05-14	Show	GitHub Exploit DB Packet Storm

213342	5.4	MEDIUM Network	mythemeshop	launcher	Multiple stored cross-site scripting (XSS) in the MyThemeShop Launcher plugin 1.0.8 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via fields as follows: (1) Ti…	CWE-79 Cross-site Scripting	CVE-2019-7411	2024-11-21 13:48	2019-05-13	Show	GitHub Exploit DB Packet Storm

213343	6.1	MEDIUM Network	vegadesign	profiledesign_cms	Multiple cross-site scripting (XSS) vulnerabilities in ProfileDesign CMS v6.0.2.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page, (2) gbs, (3) side, (4) id, (5) imgid…	CWE-79 Cross-site Scripting	CVE-2019-7409	2024-11-21 13:48	2019-05-13	Show	GitHub Exploit DB Packet Storm

213344	7.5	HIGH Network	lg	gamp-7100_firmware gapm-7200_firmware gapm-8000_firmware	An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var…	CWE-306 Missing Authentication for Critical Function	CVE-2019-7404	2024-11-21 13:48	2019-05-13	Show	GitHub Exploit DB Packet Storm

213345	7.7	HIGH Network	thehive-project	cortex-analyzers	TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-7652	2024-11-21 13:48	2019-05-10	Show	GitHub Exploit DB Packet Storm

213346	9.8	CRITICAL Network	cyberark	enterprise_password_vault	An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass a…	CWE-611 XXE	CVE-2019-7442	2024-11-21 13:48	2019-05-9	Show	GitHub Exploit DB Packet Storm

213347	8.1	HIGH Network	jio	jmr1140_firmware	JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmap_auth type=getuser request and then reading the token field. This token value ca…	CWE-352 Origin Validation Error	CVE-2019-7746	2024-11-21 13:48	2019-05-8	Show	GitHub Exploit DB Packet Storm

213348	9.8	CRITICAL Network	jio	jmr1140_firmware	JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmap_web_cgi Page=GetWiFi_Setting request and then reading the wpa_security_key f…	NVD-CWE-noinfo	CVE-2019-7745	2024-11-21 13:48	2019-05-8	Show	GitHub Exploit DB Packet Storm

213349	6.1	MEDIUM Network	jio	jmr1140_firmware	cgi-bin/qcmap_web_cgi on JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data.	CWE-79 Cross-site Scripting	CVE-2019-7687	2024-11-21 13:48	2019-05-8	Show	GitHub Exploit DB Packet Storm

213350	9.8	CRITICAL Network	coship	rt3052_firmware rt3050_firmware wm3300_firmware rt7620_firmware	An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password reset functionality of the Wireless SSID doesn't require any type of authentication. By making a POST requ…	CWE-306 Missing Authentication for Critical Function	CVE-2019-7564	2024-11-21 13:48	2019-05-8	Show	GitHub Exploit DB Packet Storm