Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254061 5.1 警告 マイクロソフト - Microsoft .NET Framework の JIT コンパイラにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1271 2011-06-24 10:05 2011-06-14 Show GitHub Exploit DB Packet Storm
254062 10 危険 マイクロソフト - Microsoft Windows の SMB クライアントにおける任意コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1268 2011-06-24 10:04 2011-06-14 Show GitHub Exploit DB Packet Storm
254063 7.8 危険 マイクロソフト - Microsoft Windows の Distributed File System 実装におけるサービス運用妨害 (システムハング) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1869 2011-06-24 10:03 2011-06-14 Show GitHub Exploit DB Packet Storm
254064 10 危険 マイクロソフト - Microsoft Windows の Distributed File System 実装における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-1868 2011-06-24 10:01 2011-06-14 Show GitHub Exploit DB Packet Storm
254065 5.7 警告 Linux
レッドハット		 - Linux kernel の RPC サーバソケット機能におけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0714 2011-06-23 11:48 2011-03-8 Show GitHub Exploit DB Packet Storm
254066 9.3 危険 マイクロソフト - Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1873 2011-06-23 11:42 2011-06-14 Show GitHub Exploit DB Packet Storm
254067 10 危険 マイクロソフト - Microsoft Forefront Threat Management Gateway (TMG) 2010 クライアントの NSPLookupServiceNext 関数における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-1889 2011-06-23 11:30 2011-06-14 Show GitHub Exploit DB Packet Storm
254068 9.3 危険 マイクロソフト - Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0664 2011-06-23 11:29 2011-06-14 Show GitHub Exploit DB Packet Storm
254069 9.3 危険 マイクロソフト - Microsoft Windows の OLE オートメーションプロトコル実装における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-0658 2011-06-23 11:28 2011-06-14 Show GitHub Exploit DB Packet Storm
254070 4.3 警告 マイクロソフト - Microsoft Windows の MHTML プロトコルハンドラにおけるクロスサイトスクリプティングを誘導される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1894 2011-06-23 11:27 2011-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311181 7.5 HIGH
Network 		gaizhenbiao chuanhuchatgpt An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matche… CWE-22
Path Traversal 		CVE-2024-7962 2024-11-1 23:19 2024-10-29 Show GitHub Exploit DB Packet Storm
311182 5.4 MEDIUM
Network 		ysoft safeq Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that, due to… CWE-79
Cross-site Scripting 		CVE-2022-23861 2024-11-1 23:19 2024-10-23 Show GitHub Exploit DB Packet Storm
311183 8.8 HIGH
Network 		tenda rx9_pro_firmware A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The ma… CWE-787
 Out-of-bounds Write 		CVE-2024-10283 2024-11-1 23:08 2024-10-24 Show GitHub Exploit DB Packet Storm
311184 7.5 HIGH
Network 		tenda ac15_firmware
ac7_firmware
ac10u_firmware
ac500_firmware
ac18_firmware
ac9_firmware
ac1206_firmware
ac6_firmware
ac10_firmware
ac8_firmware 		A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the… CWE-476
 NULL Pointer Dereference 		CVE-2024-10280 2024-11-1 23:03 2024-10-23 Show GitHub Exploit DB Packet Storm
311185 8.8 HIGH
Network 		tenda rx9_pro_firmware A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of … CWE-787
 Out-of-bounds Write 		CVE-2024-10281 2024-11-1 22:52 2024-10-23 Show GitHub Exploit DB Packet Storm
311186 8.8 HIGH
Network 		tenda rx9_pro_firmware A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. T… CWE-787
 Out-of-bounds Write 		CVE-2024-10282 2024-11-1 22:47 2024-10-24 Show GitHub Exploit DB Packet Storm
311187 - - - Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspace/{InternalPath} in SAS Studio 9.4 allows remote attacker to access internal files by manipulating default path during file down… - CVE-2024-48735 2024-11-1 22:15 2024-10-31 Show GitHub Exploit DB Packet Storm
311188 - - - In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing. - CVE-2024-48063 2024-11-1 22:15 2024-10-30 Show GitHub Exploit DB Packet Storm
311189 6.4 MEDIUM
Network 		- - The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and… CWE-79
Cross-site Scripting 		CVE-2024-10367 2024-11-1 21:57 2024-11-1 Show GitHub Exploit DB Packet Storm
311190 6.1 MEDIUM
Network 		- - IDExpert from CHANGING Information Technology does not properly validate a parameter for a specific functionality, allowing unauthenticated remote attackers to inject JavsScript code and perform Refl… CWE-79
Cross-site Scripting 		CVE-2024-10652 2024-11-1 21:57 2024-11-1 Show GitHub Exploit DB Packet Storm