Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203951 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の GDI における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0169 2016-05-13 15:16 2016-05-10 Show GitHub Exploit DB Packet Storm
203952 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の GDI における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0168 2016-05-13 15:16 2016-05-10 Show GitHub Exploit DB Packet Storm
203953 7.8 重要
Local 		マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-0198 2016-05-13 14:33 2016-05-10 Show GitHub Exploit DB Packet Storm
203954 8.8 重要
Network 		マイクロソフト - 複数の Microsoft 製品の Windows フォント ライブラリにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-0183 2016-05-13 14:33 2016-05-10 Show GitHub Exploit DB Packet Storm
203955 7.8 重要
Local 		マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-0140 2016-05-13 14:33 2016-05-10 Show GitHub Exploit DB Packet Storm
203956 7.8 重要
Local 		マイクロソフト - Microsoft Office 2013 および 2016 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-0126 2016-05-13 14:33 2016-05-10 Show GitHub Exploit DB Packet Storm
203957 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Media Center における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-0185 2016-05-13 13:56 2016-05-10 Show GitHub Exploit DB Packet Storm
203958 8.8 重要
Network 		Debian
Mercurial		 - Mercurial の convert エクステンションにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-3105 2016-05-12 17:38 2016-05-1 Show GitHub Exploit DB Packet Storm
203959 7.8 重要
Local 		w1.fi
Google		 - wpa_supplicant における任意のライブラリのロードを誘発される脆弱性 CWE-Other
その他 		CVE-2016-4477 2016-05-12 16:44 2016-05-2 Show GitHub Exploit DB Packet Storm
203960 7.5 重要
Network 		w1.fi - hostapd および wpa_supplicant におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4476 2016-05-12 16:44 2016-05-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 8.2 HIGH
Network 		- - Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit th… New CWE-89
SQL Injection 		CVE-2018-25338 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
12 4.3 MEDIUM
Network 		- - Joomla JoomOCShop 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML fo… New CWE-352
 Origin Validation Error 		CVE-2018-25337 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
13 5.3 MEDIUM
Network 		- - Joomla jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HT… New CWE-352
 Origin Validation Error 		CVE-2018-25336 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
14 9.8 CRITICAL
Network 		- - WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint.… New CWE-306
Missing Authentication for Critical Function 		CVE-2018-25335 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
15 5.4 MEDIUM
Network 		- - Zechat 1.5 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to change a user's information by bypassing anti-CSRF protections. The application uses a CSRF token, but… New CWE-352
 Origin Validation Error 		CVE-2018-25334 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
16 8.2 HIGH
Network 		- - Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … New CWE-89
SQL Injection 		CVE-2018-25333 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
17 9.8 CRITICAL
Network 		- - GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file uploa… New CWE-306
Missing Authentication for Critical Function 		CVE-2018-25332 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
18 6.1 MEDIUM
Network 		- - Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attac… New CWE-79
Cross-site Scripting 		CVE-2018-25331 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
19 8.2 HIGH
Network 		- - Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. At… New CWE-89
SQL Injection 		CVE-2018-25330 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
20 7.5 HIGH
Network 		- - WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attack… New CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2018-25329 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm