Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251881	6.3	警告	Puppet	-	Puppet Labs の Puppet における任意のファイルのパーミッションを変更される脆弱性	CWE-59 リンク解釈の問題	CVE-2011-3870	2011-11-4 15:01	2011-09-30	Show	GitHub Exploit DB Packet Storm

251882	6.3	警告	Puppet	-	Puppet Labs の Puppet における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2011-3869	2011-11-4 15:01	2011-09-30	Show	GitHub Exploit DB Packet Storm

251883	5	警告	Puppet	-	Puppet Labs の Puppet におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-3848	2011-11-4 15:00	2011-09-28	Show	GitHub Exploit DB Packet Storm

251884	4.3	警告	アップル	-	WebObjects におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3998	2011-11-4 14:03	2011-11-4	Show	GitHub Exploit DB Packet Storm

251885	6.4	警告	Opengear	-	複数の Opengear 製品における認証回避の脆弱性	CWE-287 不適切な認証	CVE-2011-3997	2011-11-4 14:02	2011-11-4	Show	GitHub Exploit DB Packet Storm

251886	9.3	危険	アップル	-	Windows 上で稼動する Apple QuickTime における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-3251	2011-11-4 11:52	2011-10-26	Show	GitHub Exploit DB Packet Storm

251887	9.3	危険	アップル	-	Apple QuickTime における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-3250	2011-11-4 11:38	2011-10-28	Show	GitHub Exploit DB Packet Storm

251888	9.3	危険	アップル	-	Apple QuickTime におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3249	2011-11-4 11:38	2011-10-28	Show	GitHub Exploit DB Packet Storm

251889	9.3	危険	アップル	-	Apple QuickTime における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2011-3248	2011-11-4 11:37	2011-10-28	Show	GitHub Exploit DB Packet Storm

251890	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-3247	2011-11-4 11:36	2011-10-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222781	6.0	MEDIUM Local	synaptics lenovo hp	vfs75xx_firmware thinkpad_25_firmware thankpad_a475_firmware thankpad_a485_firmware thinkpad_e480_firmware thinkpad_e580_firmware thinkpad_e485_firmware thinkpad_e585_firmware	Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attack…	NVD-CWE-noinfo	CVE-2019-18618	2024-11-21 13:33	2020-07-22	Show	GitHub Exploit DB Packet Storm

222782	7.8	HIGH Local	cypress	cyw20735_firmware	On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 b…	CWE-787 Out-of-bounds Write	CVE-2019-18614	2024-11-21 13:33	2020-06-16	Show	GitHub Exploit DB Packet Storm

222783	9.8	CRITICAL Network	dlink	dap-1360_revision_f_firmware	An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnera…	CWE-306 Missing Authentication for Critical Function	CVE-2019-18666	2024-11-21 13:33	2020-05-16	Show	GitHub Exploit DB Packet Storm

222784	7.5	HIGH Network	blaauwproducts	remote_kiln_control	Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234).	CWE-521 Weak Password Requirements	CVE-2019-18872	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

222785	8.8	HIGH Network	blaauwproducts	remote_kiln_control	A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execu…	CWE-22 Path Traversal	CVE-2019-18871	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

222786	6.5	MEDIUM Network	blaauwproducts	remote_kiln_control	A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.	CWE-22 Path Traversal	CVE-2019-18870	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

222787	9.8	CRITICAL Network	blaauwproducts	remote_kiln_control	Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17.	NVD-CWE-Other	CVE-2019-18869	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

222788	7.5	HIGH Network	blaauwproducts	remote_kiln_control	Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database.	CWE-89 SQL Injection	CVE-2019-18866	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

222789	7.5	HIGH Network	blaauwproducts	remote_kiln_control	/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine.	NVD-CWE-noinfo	CVE-2019-18864	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

222790	9.8	CRITICAL Network	blaauwproducts	remote_kiln_control	Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak.	CWE-312 CWE-522 Cleartext Storage of Sensitive Information Insufficiently Protected Credentials	CVE-2019-18868	2024-11-21 13:33	2020-05-7	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed