Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245621 4.3 警告 aj square - AJ Auction Pro OOPD の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4989 2012-06-26 16:19 2010-08-25 Show GitHub Exploit DB Packet Storm
245622 7.5 危険 TYPO3 Association
christian ehmann		 - TYPO3 の event_registr 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4968 2012-06-26 16:19 2010-07-28 Show GitHub Exploit DB Packet Storm
245623 7.5 危険 elemente
TYPO3 Association		 - TYPO3 の ast_addresszipsearch 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4966 2012-06-26 16:19 2010-07-28 Show GitHub Exploit DB Packet Storm
245624 9.3 危険 adammo - Fat Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4962 2012-06-26 16:19 2010-07-28 Show GitHub Exploit DB Packet Storm
245625 7.5 危険 Emophp Programming - EMO Breeder Manager の video.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4958 2012-06-26 16:19 2010-07-28 Show GitHub Exploit DB Packet Storm
245626 7.5 危険 ATutor - AdPeeps におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-4945 2012-06-26 16:19 2010-07-22 Show GitHub Exploit DB Packet Storm
245627 4.3 警告 ATutor - ATRC ACollab におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4944 2012-06-26 16:19 2010-07-22 Show GitHub Exploit DB Packet Storm
245628 4.3 警告 ATutor - ACollab におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4942 2012-06-26 16:19 2010-07-22 Show GitHub Exploit DB Packet Storm
245629 4.3 警告 ATutor - ATRC ACollab の sign_in.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4941 2012-06-26 16:19 2010-07-22 Show GitHub Exploit DB Packet Storm
245630 7.5 危険 esoftpro - Online Guestbook Pro の ogp_show.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4935 2012-06-26 16:19 2010-07-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252461 9.8 CRITICAL
Network 		validformbuilder validform_builder ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-1000059 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252462 4.3 MEDIUM
Network 		jenkins credentials_binding Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment… CWE-522
 Insufficiently Protected Credentials 		CVE-2018-1000057 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252463 9.8 CRITICAL
Network 		sensu sensu_core Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensiti… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2018-1000060 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252464 8.8 HIGH
Network 		jenkins pipeline_supporting_apis Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented i… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-1000058 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252465 8.3 HIGH
Network 		jenkins junit Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the … CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)  		CVE-2018-1000056 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252466 8.3 HIGH
Network 		jenkins android_lint Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets fro… CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)  		CVE-2018-1000055 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252467 8.3 HIGH
Network 		jenkins ccm Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jen… CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)  		CVE-2018-1000054 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252468 8.8 HIGH
Network 		limesurvey limesurvey LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Theme Uninstallation that can result in CSRF causing LimeSurvey admins to delete all their themes, r… CWE-352
 Origin Validation Error 		CVE-2018-1000053 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252469 7.5 HIGH
Network 		fmt fmt fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can … CWE-134
Use of Externally-Controlled Format String 		CVE-2018-1000052 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm
252470 7.8 HIGH
Local 		artifex
debian 		mupdf
debian_linux 		Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a … CWE-416
 Use After Free 		CVE-2018-1000051 2024-11-21 12:39 2018-02-10 Show GitHub Exploit DB Packet Storm