Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 24, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
244961 6.8 警告 Gajim.org - Gajim の common/helpers.py における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2085 2012-08-31 15:22 2011-11-4 Show GitHub Exploit DB Packet Storm
244962 6 警告 Giant Robot - Drupal 用 ZipCart モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1650 2012-08-31 15:05 2012-02-29 Show GitHub Exploit DB Packet Storm
244963 4.3 警告 MediaFront - Drupal 用 MediaFront モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1647 2012-08-31 15:02 2012-02-29 Show GitHub Exploit DB Packet Storm
244964 2.6 注意 Wim Leers - Drupal 用 CDN モジュールにおける任意の PHP ファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2012-1645 2012-08-31 14:57 2012-02-15 Show GitHub Exploit DB Packet Storm
244965 2.1 注意 Gizra - Drupal 用 Organic Groups Vocabulary モジュールにおけるボキャブラリを改ざんされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1644 2012-08-31 14:53 2012-02-15 Show GitHub Exploit DB Packet Storm
244966 5 警告 Jason Savino - Drupal 用 Faster Permissions モジュールにおけるアクセス権を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1643 2012-08-31 14:50 2012-02-15 Show GitHub Exploit DB Packet Storm
244967 5 警告 YAML for Drupal - Drupal 用 Link checker モジュールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1642 2012-08-31 14:48 2012-02-15 Show GitHub Exploit DB Packet Storm
244968 6 警告 danielb - Drupal 用 Finder モジュールの finder_import 関数における任意の PHP コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1641 2012-08-31 14:45 2012-02-8 Show GitHub Exploit DB Packet Storm
244969 6.4 警告 Rik de Boer - Drupal 用 revisioning モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1635 2012-08-31 14:41 2012-01-18 Show GitHub Exploit DB Packet Storm
244970 5 警告 SilverStripe - SilverStripe における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-5188 2012-08-31 10:36 2012-08-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251981 5.3 MEDIUM
Network 		json-jwt_project json-jwt Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attac… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2018-1000539 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251982 7.5 HIGH
Network 		minio minio Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-33Z contains a Allocation of Memory Without Limits or Throttling (similar to CWE-774) vulnerability in write-to-RAM that can resul… CWE-774
 Allocation of File Descriptors or Handles Without Limits or Throttling 		CVE-2018-1000538 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251983 9.8 CRITICAL
Network 		marlinfw marlin_firmware Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-1000537 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251984 6.1 MEDIUM
Network 		getmedis medis Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creati… CWE-79
Cross-site Scripting 		CVE-2018-1000536 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251985 7.5 HIGH
Network 		lms lms lms version <= LMS_011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be … CWE-200
Information Exposure 		CVE-2018-1000535 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251986 6.1 MEDIUM
Network 		joplin_project joplin Joplin version prior to 1.0.90 contains a XSS evolving into code execution due to enabled nodeIntegration for that particular BrowserWindow instance where XSS was identified from vulnerability in Not… CWE-79
Cross-site Scripting 		CVE-2018-1000534 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251987 9.8 CRITICAL
Network 		gitlist gitlist klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This att… CWE-20
 Improper Input Validation  		CVE-2018-1000533 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251988 4.7 MEDIUM
Local 		beep_project beep beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by oth… CWE-22
Path Traversal 		CVE-2018-1000532 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251989 7.5 HIGH
Network 		inversoft prime-jwt inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT… CWE-20
 Improper Input Validation  		CVE-2018-1000531 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
251990 6.1 MEDIUM
Network 		grails grails_fields Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8. CWE-79
Cross-site Scripting 		CVE-2018-1000529 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm