Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252741 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4852 2011-12-20 14:38 2011-12-16 Show GitHub Exploit DB Packet Storm
252742 9.3 危険 Parallels - Parallels Plesk Panel の Control Panel における認証を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4851 2011-12-20 14:13 2011-12-16 Show GitHub Exploit DB Packet Storm
252743 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4850 2011-12-20 14:12 2011-12-16 Show GitHub Exploit DB Packet Storm
252744 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における Cookie をキャプチャされる脆弱性 CWE-200
情報漏えい 		CVE-2011-4849 2011-12-20 14:11 2011-12-16 Show GitHub Exploit DB Packet Storm
252745 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4848 2011-12-20 14:10 2011-12-16 Show GitHub Exploit DB Packet Storm
252746 7.5 危険 Parallels - Parallels Plesk Panel の Control Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4847 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
252747 4.3 警告 Parallels - Parallels Plesk Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4777 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
252748 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4776 2011-12-20 12:22 2011-12-16 Show GitHub Exploit DB Packet Storm
252749 10 危険 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4768 2011-12-20 12:21 2011-12-16 Show GitHub Exploit DB Packet Storm
252750 5 警告 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4767 2011-12-20 12:21 2011-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
318471 9.8 CRITICAL
Network 		arajajyothibabu school_management_system School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php. CWE-89
SQL Injection 		CVE-2024-42573 2024-08-22 23:35 2024-08-20 Show GitHub Exploit DB Packet Storm
318472 7.8 HIGH
Local 		fortinet fortimanager
fortianalyzer 		A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 t… NVD-CWE-Other
CVE-2024-21757 2024-08-22 23:34 2024-08-14 Show GitHub Exploit DB Packet Storm
318473 9.0 CRITICAL
Network 		fortinet fortisoar An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web scri… CWE-79
Cross-site Scripting 		CVE-2023-26211 2024-08-22 23:33 2024-08-14 Show GitHub Exploit DB Packet Storm
318474 8.8 HIGH
Network 		fortinet fortios
fortipam
fortiswitchmanager
fortiproxy 		An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 al… CWE-613
 Insufficient Session Expiration 		CVE-2022-45862 2024-08-22 23:32 2024-08-14 Show GitHub Exploit DB Packet Storm
318475 7.8 HIGH
Local 		fortinet fortiddos-f
fortiddos 		A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0,… CWE-78
OS Command  		CVE-2022-27486 2024-08-22 23:29 2024-08-14 Show GitHub Exploit DB Packet Storm
318476 7.1 HIGH
Network 		pepperl-fuchs icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus… 		An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once. CWE-79
Cross-site Scripting 		CVE-2024-5849 2024-08-22 22:39 2024-08-13 Show GitHub Exploit DB Packet Storm
318477 7.1 HIGH
Network 		pepperl-fuchs icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus… 		An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once. CWE-79
Cross-site Scripting 		CVE-2024-38502 2024-08-22 22:35 2024-08-13 Show GitHub Exploit DB Packet Storm
318478 6.1 MEDIUM
Network 		pepperl-fuchs icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus… 		An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. CWE-79
Cross-site Scripting 		CVE-2024-38501 2024-08-22 22:34 2024-08-13 Show GitHub Exploit DB Packet Storm
318479 7.2 HIGH
Network 		elastic kibana A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototyp… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2024-37287 2024-08-22 22:33 2024-08-13 Show GitHub Exploit DB Packet Storm
318480 7.5 HIGH
Network 		ibm openbmc A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker… CWE-306
Missing Authentication for Critical Function 		CVE-2024-35124 2024-08-22 22:31 2024-08-13 Show GitHub Exploit DB Packet Storm