Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251001 5 警告 mark pilgrim - Universal Feed Parser におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2921 2012-05-23 18:50 2012-05-2 Show GitHub Exploit DB Packet Storm
251002 4.3 警告 Weston Ruter - WordPress 用 User Photo プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2920 2012-05-23 18:48 2012-05-21 Show GitHub Exploit DB Packet Storm
251003 4.3 警告 Andrew Killen - WordPress 用 Share and Follow プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2917 2012-05-23 18:47 2012-05-21 Show GitHub Exploit DB Packet Storm
251004 4.3 警告 dlo - WordPress 用 Sabre プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2916 2012-05-23 18:46 2012-05-21 Show GitHub Exploit DB Packet Storm
251005 4.3 警告 Hind - WordPress 用 Leaflet プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2913 2012-05-23 18:41 2012-05-21 Show GitHub Exploit DB Packet Storm
251006 4.3 警告 Kolja Schleich - WordPress 用 LeagueManager プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2912 2012-05-23 18:25 2012-05-21 Show GitHub Exploit DB Packet Storm
251007 5 警告 Chevereto Software - Chevereto の Upload/engine.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2919 2012-05-23 18:19 2012-05-21 Show GitHub Exploit DB Packet Storm
251008 4.3 警告 Chevereto Software - Chevereto の Upload/engine.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2918 2012-05-23 18:18 2012-05-21 Show GitHub Exploit DB Packet Storm
251009 7.5 危険 Johan Cwiklinski - Galette の includes/picture.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2338 2012-05-23 18:16 2012-05-21 Show GitHub Exploit DB Packet Storm
251010 10 危険 DMSoft Technologies - SkinCrafter の InitLicenKeys 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2271 2012-05-23 18:15 2012-05-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247141 7.0 HIGH
Local 		canonical
systemd_project 		ubuntu_linux
systemd 		A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239. CWE-362
Race Condition 		CVE-2018-15687 2024-11-21 12:51 2018-10-26 Show GitHub Exploit DB Packet Storm
247142 7.8 HIGH
Local 		debian
canonical
systemd_project
oracle 		debian_linux
ubuntu_linux
systemd
communications_cloud_native_core_network_function_cloud_native_environment 		A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution an… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-15686 2024-11-21 12:51 2018-10-26 Show GitHub Exploit DB Packet Storm
247143 9.8 CRITICAL
Network 		saltstack salt SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi). CWE-287
Improper Authentication 		CVE-2018-15751 2024-11-21 12:51 2018-10-25 Show GitHub Exploit DB Packet Storm
247144 5.3 MEDIUM
Network 		saltstack salt Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server. CWE-22
Path Traversal 		CVE-2018-15750 2024-11-21 12:51 2018-10-25 Show GitHub Exploit DB Packet Storm
247145 8.8 HIGH
Network 		advantech webaccess Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP requ… CWE-787
 Out-of-bounds Write 		CVE-2018-15704 2024-11-21 12:51 2018-10-23 Show GitHub Exploit DB Packet Storm
247146 6.1 MEDIUM
Network 		advantech webaccess Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflected cross site scripting vulnerabilities. A remote unauthenticated attacker could potentially exploit this vulnerability by trickin… CWE-79
Cross-site Scripting 		CVE-2018-15703 2024-11-21 12:51 2018-10-23 Show GitHub Exploit DB Packet Storm
247147 5.5 MEDIUM
Local 		dell emc_secure_remote_services Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authe… CWE-200
Information Exposure 		CVE-2018-15765 2024-11-21 12:51 2018-10-19 Show GitHub Exploit DB Packet Storm
247148 8.1 HIGH
Network 		pivotal_software spring_security_oauth Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalat… NVD-CWE-noinfo
CVE-2018-15758 2024-11-21 12:51 2018-10-19 Show GitHub Exploit DB Packet Storm
247149 7.5 HIGH
Network 		vmware
oracle
debian 		spring_framework
flexcube_private_banking
insurance_policy_administration_j2ee
retail_xstore_point_of_service
weblogic_server
retail_invoice_matching
primavera_gateway
insurance_… 		Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving stati… NVD-CWE-noinfo
CVE-2018-15756 2024-11-21 12:51 2018-10-19 Show GitHub Exploit DB Packet Storm
247150 7.8 HIGH
Local 		adobe technical_communications_suite Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. CWE-427
 Uncontrolled Search Path Element 		CVE-2018-15976 2024-11-21 12:51 2018-10-18 Show GitHub Exploit DB Packet Storm