Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
244981	4.3	警告	T-dah	-	T-dah WebMail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2573	2012-08-14 16:34	2012-08-12	Show	GitHub Exploit DB Packet Storm

244982	4.3	警告	WinWebMail	-	WinWebMail Servert におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2571	2012-08-14 16:33	2012-08-12	Show	GitHub Exploit DB Packet Storm

244983	10	危険	Amazon.com, Inc.	-	Amazon Kindle Touch における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-4249	2012-08-14 16:31	2012-08-12	Show	GitHub Exploit DB Packet Storm

244984	9.3	危険	Amazon.com, Inc.	-	Amazon Kindle Touch における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4248	2012-08-14 16:30	2012-08-12	Show	GitHub Exploit DB Packet Storm

244985	7.5	危険	Dir2web	-	Dir2web における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-4070	2012-08-14 16:29	2012-08-12	Show	GitHub Exploit DB Packet Storm

244986	5	警告	Dir2web	-	Dir2web におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4069	2012-08-14 16:26	2012-08-12	Show	GitHub Exploit DB Packet Storm

244987	4.3	警告	Alt-N	-	Alt-N MDaemon フリー版におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2584	2012-08-14 16:22	2012-08-12	Show	GitHub Exploit DB Packet Storm

244988	6.4	警告	Caucho Technology	-	Resin に同梱されている Caucho Quercus におけるファイル名の拡張子による制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2969	2012-08-14 16:16	2012-08-12	Show	GitHub Exploit DB Packet Storm

244989	5	警告	Caucho Technology	-	Resin に同梱されている Caucho Quercus におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-2968	2012-08-14 16:09	2012-08-12	Show	GitHub Exploit DB Packet Storm

244990	7.5	危険	Caucho Technology	-	Resin に同梱されている Caucho Quercus における脆弱性	CWE-Other その他	CVE-2012-2967	2012-08-14 16:08	2012-08-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252121	9.8	CRITICAL Network	ubiquoss	vp5208a_firmware	ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credential…	CWE-522 Insufficiently Protected Credentials	CVE-2018-10024	2024-11-21 12:40	2018-04-12	Show	GitHub Exploit DB Packet Storm

252122	5.4	MEDIUM Network	catfish-cms	catfish_cms	Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated comment).	CWE-79 Cross-site Scripting	CVE-2018-10023	2024-11-21 12:40	2018-04-12	Show	GitHub Exploit DB Packet Storm

252123	5.5	MEDIUM Local	linux	linux_kernel	drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party dispute…	NVD-CWE-noinfo	CVE-2018-10021	2024-11-21 12:40	2018-04-12	Show	GitHub Exploit DB Packet Storm

252124	6.5	MEDIUM Network	openmpt	openmpt libopenmpt	soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern l…	CWE-125 Out-of-bounds Read	CVE-2018-10017	2024-11-21 12:40	2018-04-11	Show	GitHub Exploit DB Packet Storm

252125	5.5	MEDIUM Local	nasm	netwide_assembler	Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.	CWE-369 Divide By Zero	CVE-2018-10016	2024-11-21 12:40	2018-04-11	Show	GitHub Exploit DB Packet Storm

252126	6.5	MEDIUM Network	ffmpeg debian	ffmpeg debian_linux	The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.	CWE-125 Out-of-bounds Read	CVE-2018-10001	2024-11-21 12:40	2018-04-11	Show	GitHub Exploit DB Packet Storm

252127	6.1	MEDIUM Network	videodownloaderultimate	video_downloader	The Video Downloader professional extension before 2018-04-05 for Chrome has Universal XSS (UXSS) via vectors related to a link64_msgAddLinks event.	CWE-79 Cross-site Scripting	CVE-2018-10000	2024-11-21 12:40	2018-04-11	Show	GitHub Exploit DB Packet Storm

252128	9.1	CRITICAL Network	koji_project	koji	Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.1…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-1002150	2024-11-21 12:40	2018-04-5	Show	GitHub Exploit DB Packet Storm

252129	6.5	MEDIUM Network	jenkins	jenkins	A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permiss…	CWE-22 Path Traversal	CVE-2018-1000406	2024-11-21 12:39	2019-01-10	Show	GitHub Exploit DB Packet Storm

252130	8.4	HIGH Adjacent	microsoft	windows_server_2016 windows_10	A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote…	CWE-20 Improper Input Validation	CVE-2018-0965	2024-11-21 12:39	2018-09-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed