Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
245961 6.8 警告 Tecnick.com - TCExam における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2012-4237 2012-08-22 16:43 2012-08-6 Show GitHub Exploit DB Packet Storm
245962 4.3 警告 Jease - Jease におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-4052 2012-08-22 16:42 2012-08-20 Show GitHub Exploit DB Packet Storm
245963 4.3 警告 Total Shop UK - Total Shop UK eCommerce Open Source におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-4236 2012-08-22 16:40 2012-08-20 Show GitHub Exploit DB Packet Storm
245964 4.9 警告 OpenStack - OpenStack Compute (Nova) の virt/disk/api.py における任意のファイルを上書される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-3447 2012-08-22 16:34 2012-07-31 Show GitHub Exploit DB Packet Storm
245965 5 警告 Debian - devotee における秘密のあだ名を取得される脆弱性 CWE-200
情報漏えい
CVE-2012-2387 2012-08-22 16:24 2012-08-20 Show GitHub Exploit DB Packet Storm
245966 5 警告 GNOME Project - libsoup における認証を回避される脆弱性 CWE-287
不適切な認証
CVE-2012-2132 2012-08-22 16:20 2011-12-15 Show GitHub Exploit DB Packet Storm
245967 6.8 警告 Libav - Libav の libavcodec におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2012-0947 2012-08-22 16:19 2012-05-4 Show GitHub Exploit DB Packet Storm
245968 4.3 警告 FFmpeg
Libav
- FFmpeg および Libav の libavcodec におけるサービス運用妨害 (メモリ破損) の脆弱性 CWE-119
バッファエラー
CVE-2011-4579 2012-08-22 15:26 2011-12-25 Show GitHub Exploit DB Packet Storm
245969 6.8 警告 FFmpeg
Libav
- FFmpeg および Libav の libavcodec におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-4364 2012-08-22 15:25 2011-12-25 Show GitHub Exploit DB Packet Storm
245970 4.3 警告 FFmpeg
Libav
- FFmpeg および Libav におけるサービス運用妨害 (out-of-bounds read) の脆弱性 CWE-119
バッファエラー
CVE-2011-4353 2012-08-22 15:24 2011-12-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252941 7.5 HIGH
Network
nodejs
suse
node.js
suse_linux_enterprise_server
suse_enterprise_storage
suse_openstack_cloud
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTT… CWE-400
 Uncontrolled Resource Consumption
CVE-2018-12122 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252942 7.5 HIGH
Network
nodejs
redhat
node.js
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB … CWE-400
 Uncontrolled Resource Consumption
CVE-2018-12121 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252943 8.1 HIGH
Network
nodejs node.js Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all… CWE-829
 Inclusion of Functionality from Untrusted Control Sphere
CVE-2018-12120 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252944 7.5 HIGH
Network
nodejs
suse
node.js
suse_linux_enterprise_server
suse_enterprise_storage
suse_openstack_cloud
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, t… NVD-CWE-Other
CVE-2018-12116 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252945 7.8 HIGH
Local
qualcomm mdm9206_firmware
mdm9607_firmware
mdm9650_firmware
mdm9655_firmware
msm8909w_firmware
msm8996au_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_600_firmware
When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM… CWE-129
 Improper Validation of Array Index
CVE-2018-11996 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252946 7.8 HIGH
Local
qualcomm mdm9206_firmware
mdm9607_firmware
mdm9650_firmware
msm8996au_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_425_firmware
sd_430_firmware
sd_450_firmware
sd_…
SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, M… NVD-CWE-noinfo
CVE-2018-11994 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252947 7.8 HIGH
Local
qualcomm mdm9206_firmware
mdm9607_firmware
mdm9650_firmware
msm8996au_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_410_firmware
sd_412_firmware
sd_425_firmware
sd_…
Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mob… CWE-755
 Improper Handling of Exceptional Conditions
CVE-2018-11921 2024-11-21 12:44 2018-11-29 Show GitHub Exploit DB Packet Storm
252948 6.1 MEDIUM
Network
symantec security_analytics The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP… CWE-79
Cross-site Scripting
CVE-2018-12241 2024-11-21 12:44 2018-11-28 Show GitHub Exploit DB Packet Storm
252949 7.8 HIGH
Local
google android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper te… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-11995 2024-11-21 12:44 2018-11-28 Show GitHub Exploit DB Packet Storm
252950 7.8 HIGH
Local
google android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a p… NVD-CWE-noinfo
CVE-2018-11956 2024-11-21 12:44 2018-11-28 Show GitHub Exploit DB Packet Storm