Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252451 4.3 警告 SmarterTools Inc. - SmarterTools SmarterStats におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4750 2011-12-19 16:16 2011-12-16 Show GitHub Exploit DB Packet Storm
252452 4.6 警告 ヒューレット・パッカード
IBM
オラクル		 - HP ALM 内の getInstalledPackages 関数における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4834 2011-12-19 15:08 2011-12-15 Show GitHub Exploit DB Packet Storm
252453 7.5 危険 SugarCRM - SugarCRM の Leads モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4833 2011-12-19 15:08 2011-12-15 Show GitHub Exploit DB Packet Storm
252454 7.5 危険 Moxiecode Systems AB
phpMyFAQ
PHPletter		 - 複数の製品で使用される inc/function.base.php における PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4825 2011-12-19 15:07 2011-10-25 Show GitHub Exploit DB Packet Storm
252455 7.5 危険 The Cacti Group - Cacti の auth_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4824 2011-12-19 15:06 2011-09-26 Show GitHub Exploit DB Packet Storm
252456 4.3 警告 Atlassian - Atlassian FishEye のユーザプロファイル機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4822 2011-12-19 15:05 2011-10-24 Show GitHub Exploit DB Packet Storm
252457 3.6 注意 Artsoft Entertainment - Artsoft Entertainment の Rocks'n'Diamonds における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4606 2011-12-19 15:05 2011-12-15 Show GitHub Exploit DB Packet Storm
252458 4.3 警告 Digium - Asterisk の channels/chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-200
情報漏えい 		CVE-2011-4598 2011-12-19 15:03 2011-11-2 Show GitHub Exploit DB Packet Storm
252459 5 警告 Digium - Asterisk の UDP 実装での SIP におけるユーザ名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2011-4597 2011-12-19 15:01 2011-07-18 Show GitHub Exploit DB Packet Storm
252460 7.5 危険 Caupo.Net - CaupoShop Pro および CaupoShop Classic におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4832 2011-12-19 13:44 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208771 6.1 MEDIUM
Network 		fusionpbx fusionpbx Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php. CWE-79
Cross-site Scripting 		CVE-2020-21054 2024-11-21 14:12 2021-05-21 Show GitHub Exploit DB Packet Storm
208772 6.1 MEDIUM
Network 		fusionpbx fusionpbx Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "query_string" variable in app\devices\devi… CWE-79
Cross-site Scripting 		CVE-2020-21053 2024-11-21 14:12 2021-05-21 Show GitHub Exploit DB Packet Storm
208773 9.8 CRITICAL
Network 		pluck-cms pluck In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files. CWE-77
Command Injection 		CVE-2020-20951 2024-11-21 14:12 2021-05-19 Show GitHub Exploit DB Packet Storm
208774 8.8 HIGH
Network 		gnu libredwg GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. NVD-CWE-Other
CVE-2020-21844 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
208775 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. CWE-787
 Out-of-bounds Write 		CVE-2020-21843 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
208776 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051. CWE-787
 Out-of-bounds Write 		CVE-2020-21842 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
208777 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637. CWE-787
 Out-of-bounds Write 		CVE-2020-21831 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
208778 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135. CWE-787
 Out-of-bounds Write 		CVE-2020-21841 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
208779 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985. CWE-787
 Out-of-bounds Write 		CVE-2020-21840 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
208780 6.5 MEDIUM
Network 		gnu libredwg An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-21839 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm