Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
244491 7.8 危険 netcaptor - NetCaptor における制限された情報に他のドメインからアクセスされる脆弱性 - CVE-2006-6989 2012-09-25 15:36 2007-02-8 Show GitHub Exploit DB Packet Storm
244492 7.8 危険 phaseout - PhaseOut における他のドメインから制限情報にアクセスされる脆弱性 - CVE-2006-6986 2012-09-25 15:36 2007-02-8 Show GitHub Exploit DB Packet Storm
244493 5 警告 Maxthon - Maxthon における制限された情報に他のドメインからアクセスされる脆弱性 - CVE-2006-6985 2012-09-25 15:36 2007-02-8 Show GitHub Exploit DB Packet Storm
244494 5 警告 More Quick Tools - GreenBrowser における他ドメインから制限された情報にアクセスされる脆弱性 - CVE-2006-6984 2012-09-25 15:36 2007-02-8 Show GitHub Exploit DB Packet Storm
244495 5 警告 myweb4net - MYweb4net Browser における他のドメインから制限された情報にアクセスされる脆弱性 - CVE-2006-6983 2012-09-25 15:36 2007-02-8 Show GitHub Exploit DB Packet Storm
244496 2.6 注意 magnatune.com - Amarok の magnatune.com アルバムブラウザにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6980 2012-09-25 15:36 2007-02-8 Show GitHub Exploit DB Packet Storm
244497 7.5 危険 headstart solutions - Headstart Solutions の DeskPRO における ディレクトリ内のファイルを一覧される脆弱性 - CVE-2006-6974 2012-09-25 15:36 2007-02-7 Show GitHub Exploit DB Packet Storm
244498 7.5 危険 headstart solutions - Headstart Solutions の DeskPRO におけるアプリケーションを再インストールされる脆弱性 - CVE-2006-6973 2012-09-25 15:36 2007-02-7 Show GitHub Exploit DB Packet Storm
244499 5 警告 Opera Software ASA - Opera における不正行為の保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2006-6970 2012-09-25 15:36 2007-02-7 Show GitHub Exploit DB Packet Storm
244500 6.8 警告 jetty - Jetty におけるセッション識別子を推測される脆弱性 - CVE-2006-6969 2012-09-25 15:36 2007-02-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253141 5.3 MEDIUM
Network
digium
debian
asterisk
certified_asterisk
debian_linux
An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2.… CWE-200
Information Exposure
CVE-2018-12227 2024-11-21 12:44 2018-06-12 Show GitHub Exploit DB Packet Storm
253142 7.8 HIGH
Local
md4c_project md4c md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-12112 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253143 6.1 MEDIUM
Network
canon efi_printme Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI. CWE-79
Cross-site Scripting
CVE-2018-12111 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253144 7.2 HIGH
Network
portfoliocms_project portfoliocms portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. CWE-89
SQL Injection
CVE-2018-12110 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253145 7.8 HIGH
Local
flif flif An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap… CWE-787
 Out-of-bounds Write
CVE-2018-12109 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253146 5.5 MEDIUM
Local
dropbox lepton An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE and application crash) via a malformed … CWE-20
 Improper Input Validation 
CVE-2018-12108 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253147 5.5 MEDIUM
Local
md4c_project md4c md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block. CWE-476
 NULL Pointer Dereference
CVE-2018-12102 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253148 4.8 MEDIUM
Network
sonatype nexus_repository_manager Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI. CWE-79
Cross-site Scripting
CVE-2018-12100 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253149 6.1 MEDIUM
Network
grafana
netapp
grafana
active_iq_performance_analytics_services
storagegrid_webscale_nas_bridge
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. CWE-79
Cross-site Scripting
CVE-2018-12099 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm
253150 5.4 MEDIUM
Network
oecms_project oecms A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php. CWE-79
Cross-site Scripting
CVE-2018-12095 2024-11-21 12:44 2018-06-11 Show GitHub Exploit DB Packet Storm