Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 10 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251011 9.3 危険 Authentium - Authentium Command Antivirus の odapi.dll の特定の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2007-2917 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
251012 4.3 警告 gmtt - GMTT Music Distro の showown.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2916 2012-06-26 15:46 2007-05-30 Show GitHub Exploit DB Packet Storm
251013 4.3 警告 clonuswiki - ClonusWiki の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2913 2012-06-26 15:46 2007-05-30 Show GitHub Exploit DB Packet Storm
251014 7.5 危険 2z project - 2z project の includes/rating.php における SQL インジェクションの脆弱性 - CVE-2007-2905 2012-06-26 15:46 2007-05-30 Show GitHub Exploit DB Packet Storm
251015 7.5 危険 Dokeos - Dokeos の main/auth/my_progress.php における SQL インジェクションの脆弱性 - CVE-2007-2902 2012-06-26 15:46 2007-05-30 Show GitHub Exploit DB Packet Storm
251016 4.3 警告 Dokeos - Dokeos におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2901 2012-06-26 15:46 2007-05-30 Show GitHub Exploit DB Packet Storm
251017 7.5 危険 2z project - 2z project の includes/rating.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2007-2898 2012-06-26 15:46 2007-05-30 Show GitHub Exploit DB Packet Storm
251018 2.1 注意 bochs - Bochs のフロッピーディスクコントローラーのエミュレータにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2894 2012-06-26 15:46 2007-05-29 Show GitHub Exploit DB Packet Storm
251019 7.2 危険 bochs - Bochs NE2000 エミュレータデバイスの bx_ne2k_c::rx_frame 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2007-2893 2012-06-26 15:46 2007-05-29 Show GitHub Exploit DB Packet Storm
251020 4.3 警告 asp-nuke - ASP-Nuke の news.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2892 2012-06-26 15:46 2007-05-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248721 7.8 HIGH
Local
advantech webaccess WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-17910 2024-11-21 12:55 2018-10-30 Show GitHub Exploit DB Packet Storm
248722 7.8 HIGH
Local
advantech webaccess WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attac… CWE-284
Improper Access Control
CVE-2018-17908 2024-11-21 12:55 2018-10-30 Show GitHub Exploit DB Packet Storm
248723 6.1 MEDIUM
Network
geovap reliance_4 Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerability could allow an unauthorized attacker to inject arbitrary code. CWE-79
Cross-site Scripting
CVE-2018-17904 2024-11-21 12:55 2018-10-26 Show GitHub Exploit DB Packet Storm
248724 6.9 MEDIUM
Physics
sagaradio saga1-l8b_firmware SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that an attacker with physical access to the product may able to reprogram it. CWE-287
Improper Authentication
CVE-2018-17923 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
248725 8.8 HIGH
Adjacent
sagaradio saga1-l8b_firmware SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that may allow an attacker to force-pair the device without human interaction. NVD-CWE-Other
CVE-2018-17921 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
248726 9.1 CRITICAL
Network
sagaradio saga1-l8b_firmware SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery. CWE-294
Authentication Bypass by Capture-replay 
CVE-2018-17903 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
248727 7.8 HIGH
Local
citrix xenmobile_server * Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 a… CWE-287
Improper Authentication
CVE-2018-18014 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
248728 7.8 HIGH
Local
citrix xenmobile_server * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserial… CWE-502
 Deserialization of Untrusted Data
CVE-2018-18013 2024-11-21 12:55 2018-10-25 Show GitHub Exploit DB Packet Storm
248729 8.1 HIGH
Adjacent
telecrane f25-2s_firmware
f25-2d_firmware
f25-4s_firmware
f25-4d_firmware
f25-6s_firmware
f25-6d_firmware
f25-8s_firmware
f25-8d_firmware
f25-10s_firmware
f25-10d_firmware
f25-60_…
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of … CWE-294
Authentication Bypass by Capture-replay 
CVE-2018-17935 2024-11-21 12:55 2018-10-24 Show GitHub Exploit DB Packet Storm
248730 9.8 CRITICAL
Network
zohocorp manageengine_opmanager Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2018-18475 2024-11-21 12:55 2018-10-24 Show GitHub Exploit DB Packet Storm