Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 7, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 251041 | 4.3 | 警告 | SolarWinds | - | SolarWinds Orion NPM におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4828 | 2012-03-27 18:42 | 2011-08-24 | Show | GitHub Exploit DB Packet Storm |
| 251042 | 4.3 | 警告 | Snitz | - | Snitz Forums の members.asp におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4827 | 2012-03-27 18:42 | 2011-08-24 | Show | GitHub Exploit DB Packet Storm |
| 251043 | 7.5 | 危険 | Snitz | - | Snitz Forums の members.asp における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4826 | 2012-03-27 18:42 | 2011-08-24 | Show | GitHub Exploit DB Packet Storm |
| 251044 | 4.3 | 警告 | WordPress.org pleer |
- | WordPress 用の Twitter Feed プラグイン の magpie_debug.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4825 | 2012-03-27 18:42 | 2011-08-24 | Show | GitHub Exploit DB Packet Storm |
| 251045 | 7.5 | 危険 | bestsoftinc | - | BSI Advance Hotel Booking System における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4814 | 2012-03-27 18:42 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
| 251046 | 3.5 | 注意 | Drupal scheepers de bruin |
- | Drupal 用の Category Tokens モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4813 | 2012-03-27 18:42 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
| 251047 | 6.5 | 警告 | 6kbbs | - | 6kbbs における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4812 | 2012-03-27 18:42 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
| 251048 | 4.3 | 警告 | 6kbbs | - | 6kbbs の ajaxmember.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4811 | 2012-03-27 18:42 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
| 251049 | 7.5 | 危険 | awcm | - | AWCM における任意の PHP コードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-4810 | 2012-03-27 18:42 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
| 251050 | 7.5 | 危険 | liberologico | - | DBSite の index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4809 | 2012-03-27 18:42 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 7, 2026, 4:13 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 248141 | 8.2 |
HIGH
Local |
qemu canonical redhat debian |
qemu ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_eus openstack enterprise_linux_server_tus enterprise_linux_ser… |
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. |
CWE-787
Out-of-bounds Write |
CVE-2018-11806 | 2024-11-21 12:44 | 2018-06-14 | Show | GitHub Exploit DB Packet Storm |
| 248142 | 9.8 |
CRITICAL
Network |
palemoon | pale_moon | A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3. |
CWE-416
Use After Free |
CVE-2018-12292 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248143 | 7.5 |
HIGH
Network |
matrix | synapse | The on_get_missing_events function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the get_missing_events federation API where event visibility rules were not applied … |
NVD-CWE-noinfo
|
CVE-2018-12291 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248144 | 6.1 |
MEDIUM
Network |
yii2-statemachine | yii2-statemachine | The Yii2-StateMachine extension v2.x.x for Yii2 has XSS. |
CWE-79
Cross-site Scripting |
CVE-2018-12290 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248145 | 6.1 |
MEDIUM
Network |
ximdex | ximdex | The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter. |
CWE-79
Cross-site Scripting |
CVE-2018-12273 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248146 | 6.1 |
MEDIUM
Network |
ximdex | ximdex | xowl/request.php in Ximdex 4.0 has XSS via the content parameter. |
CWE-79
Cross-site Scripting |
CVE-2018-12272 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248147 | 9.8 |
CRITICAL
Network |
acccheck_project | acccheck.pl | acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line. |
CWE-78
OS Command |
CVE-2018-12268 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248148 | 6.1 |
MEDIUM
Network |
hongcms_project | hongcms | system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that triggers a 404 HTTP status code. |
CWE-79
Cross-site Scripting |
CVE-2018-12266 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248149 | 8.8 |
HIGH
Network |
exiv2 debian canonical |
exiv2 debian_linux ubuntu_linux |
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. |
CWE-125 CWE-190 Out-of-bounds Read Integer Overflow or Wraparound |
CVE-2018-12265 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |
| 248150 | 8.8 |
HIGH
Network |
exiv2 debian canonical |
exiv2 debian_linux ubuntu_linux |
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. |
CWE-125 CWE-190 Out-of-bounds Read Integer Overflow or Wraparound |
CVE-2018-12264 | 2024-11-21 12:44 | 2018-06-13 | Show | GitHub Exploit DB Packet Storm |