Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253571	7.2	危険	マイクロソフト	-	Microsoft Windows XP および Windows Server 2003 の afd.sys における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2005	2011-10-21 15:34	2011-10-11	Show	GitHub Exploit DB Packet Storm

253572	5	警告	マイクロソフト	-	Microsoft Windows XP および Windows Server 2003 における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2011-2012	2011-10-21 15:31	2011-10-11	Show	GitHub Exploit DB Packet Storm

253573	9.3	危険	マイクロソフト	-	Microsoft Forefront UAG の MicrosoftClient.jar における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-1969	2011-10-21 15:31	2011-10-11	Show	GitHub Exploit DB Packet Storm

253574	4.3	警告	マイクロソフト	-	Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1897	2011-10-21 15:30	2011-10-11	Show	GitHub Exploit DB Packet Storm

253575	4.3	警告	マイクロソフト	-	Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1896	2011-10-21 15:30	2011-10-11	Show	GitHub Exploit DB Packet Storm

253576	9.3	危険	マイクロソフト	-	Microsoft Forefront UAG 2010 における CRLF インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-1895	2011-10-21 15:28	2011-10-11	Show	GitHub Exploit DB Packet Storm

253577	9.3	危険	マイクロソフト	-	Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1253	2011-10-21 15:27	2011-10-11	Show	GitHub Exploit DB Packet Storm

253578	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-2011	2011-10-21 15:26	2011-10-11	Show	GitHub Exploit DB Packet Storm

253579	9.3	危険	マイクロソフト	-	Microsoft Windows の win32k.sys のバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2003	2011-10-21 15:25	2011-10-11	Show	GitHub Exploit DB Packet Storm

253580	4.7	警告	マイクロソフト	-	Microsoft Windows の win32k.sys におけるサービス運用妨害 (システムハング) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-2002	2011-10-21 15:25	2011-10-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219891	5.3	MEDIUM Network	lenovo	px12-350r_firmware ix12-300r_firmware home_media_network_hard_drive_firmware storecenter_ix2-200_firmware storecenter_ix4-200d_firmware storecenter_ix4-200rl_firmware	An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This…	NVD-CWE-noinfo	CVE-2019-6178	2024-11-21 13:46	2019-08-20	Show	GitHub Exploit DB Packet Storm

219892	6.8	MEDIUM Physics	lenovo	20f1_firmware 20f2_firmware 20jq_firmware 20jr_firmware 20g9_firmware 20gb_firmware 20g8_firmware 20ga_firmware 20ht_firmware 20hv_firmware 20hs_firmware 20hu_firmwar…	A vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or physical access the ability to update the Embedded Controller…	NVD-CWE-noinfo	CVE-2019-6171	2024-11-21 13:46	2019-08-20	Show	GitHub Exploit DB Packet Storm

219893	7.8	HIGH Local	lenovo	yoga_700-11isk_firmware yoga_700-14isk_firmware	A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. Lenovo has ended support for PaperDisplay Hotkey software as the Nig…	CWE-426 Untrusted Search Path	CVE-2019-6165	2024-11-21 13:46	2019-08-20	Show	GitHub Exploit DB Packet Storm

219894	6.1	MEDIUM Network	lenovo	bladecenter_hs22_firmware bladecenter_hs22v_firmware bladecenter_hx5_firmware system_x_idataplex_dx360_m2_firmware system_x_idataplex_dx360_m3_firmware system_x3400_m3_firmware syst…	A stored cross-site scripting (XSS) vulnerability exists in various firmware versions of the legacy IBM System x IMM (IMM v1) embedded Baseboard Management Controller (BMC). This vulnerability could …	CWE-79 Cross-site Scripting	CVE-2019-6159	2024-11-21 13:46	2019-08-20	Show	GitHub Exploit DB Packet Storm

219895	7.5	HIGH Network	lenovo	px12-350r_firmware ix12-300r_firmware home_media_network_hard_drive_firmware storcenter_ix2-200_firmware storcenter_ix4-200d_firmware storcenter_ix4-200rl_firmware	A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.	NVD-CWE-noinfo	CVE-2019-6160	2024-11-21 13:46	2019-07-17	Show	GitHub Exploit DB Packet Storm

219896	4.8	MEDIUM Network	f5	big-ip_advanced_firewall_manager big-ip_policy_enforcement_manager	On BIG-IP (AFM, PEM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerab…	CWE-79 Cross-site Scripting	CVE-2019-6639	2024-11-21 13:46	2019-07-4	Show	GitHub Exploit DB Packet Storm

219897	8.4	HIGH Network	f5	big-ip_advanced_firewall_manager big-ip_application_security_manager	On BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker …	CWE-352 CWE-79 Origin Validation Error Cross-site Scripting	CVE-2019-6636	2024-11-21 13:46	2019-07-4	Show	GitHub Exploit DB Packet Storm

219898	6.5	MEDIUM Network	f5	big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_edge_gateway<…	On BIG-IP 12.1.0-12.1.4.1, undisclosed requests can cause iControl REST processes to crash. The attack can only come from an authenticated user; all roles are capable of performing the attack. Unauth…	NVD-CWE-noinfo	CVE-2019-6641	2024-11-21 13:46	2019-07-4	Show	GitHub Exploit DB Packet Storm

219899	5.3	MEDIUM Network	f5	big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_access_policy_manager big-ip_application_security_manager<…	On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, SNMP exposes sensitive configuration objects over insecure transmission channels. This …	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2019-6640	2024-11-21 13:46	2019-07-4	Show	GitHub Exploit DB Packet Storm

219900	6.5	MEDIUM Network	f5	big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_access_policy_manager big-ip_application_security_manager<…	On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the restjavad process.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-6638	2024-11-21 13:46	2019-07-4	Show	GitHub Exploit DB Packet Storm