Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251101	4	警告	OpenBSD アップル FreeBSD NetBSD	-	FreeBSD などで使用される libc の glob 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4754	2012-03-27 18:42	2011-03-2	Show	GitHub Exploit DB Packet Storm

251102	4.3	警告	blogcms	-	BLOG:CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4749	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

251103	4.3	警告	PmWiki	-	PmWiki の pmwiki.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4748	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

251104	4.3	警告	ahmattox WordPress.org	-	WordPress の wordpress-processing-embed/data/popup.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4747	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

251105	5	警告	Fedora Project	-	389 Directory Server の正規化機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4746	2012-03-27 18:42	2011-02-23	Show	GitHub Exploit DB Packet Storm

251106	4.3	警告	gareth watts	-	PHPXref の nav.html におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4745	2012-03-27 18:42	2011-02-21	Show	GitHub Exploit DB Packet Storm

251107	10	危険	moinejf	-	abcm2ps における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2010-4744	2012-03-27 18:42	2011-02-18	Show	GitHub Exploit DB Packet Storm

251108	6.8	警告	moinejf	-	abcm2ps の getarena 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4743	2012-03-27 18:42	2011-02-18	Show	GitHub Exploit DB Packet Storm

251109	10	危険	Moxa Inc.	-	Moxa ActiveX SDK の特定の ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4742	2012-03-27 18:42	2011-02-18	Show	GitHub Exploit DB Packet Storm

251110	7.5	危険	aretimes Joomla!	-	Joomla! の Maian Media Silver (com_maianmedia) コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4739	2012-03-27 18:42	2011-02-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247551	8.8	HIGH Network	beescms	beescms	In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266.	CWE-352 Origin Validation Error	CVE-2018-12739	2024-11-21 12:45	2018-07-6	Show	GitHub Exploit DB Packet Storm

247552	9.8	CRITICAL Network	microsoft	forefront_unified_access_gateway	uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of UR…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2018-12571	2024-11-21 12:45	2018-07-6	Show	GitHub Exploit DB Packet Storm

247553	8.1	HIGH Network	ntop	ntopng	An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated…	CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)	CVE-2018-12520	2024-11-21 12:45	2018-07-6	Show	GitHub Exploit DB Packet Storm

247554	6.8	MEDIUM Network	onosproject	onos	Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data p…	CWE-362 Race Condition	CVE-2018-12691	2024-11-21 12:45	2018-07-6	Show	GitHub Exploit DB Packet Storm

247555	9.8	CRITICAL Network	3cx	live_chat	The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/rem…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2018-12426	2024-11-21 12:45	2018-07-3	Show	GitHub Exploit DB Packet Storm

247556	8.8	HIGH Network	tp-link	tl-wr841n_firmware	The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.	CWE-78 OS Command	CVE-2018-12577	2024-11-21 12:45	2018-07-3	Show	GitHub Exploit DB Packet Storm

247557	4.3	MEDIUM Network	tp-link	tl-wr841n_firmware	TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2018-12576	2024-11-21 12:45	2018-07-3	Show	GitHub Exploit DB Packet Storm

247558	9.8	CRITICAL Network	tp-link	tl-wr841n_firmware	On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.	CWE-287 Improper Authentication	CVE-2018-12575	2024-11-21 12:45	2018-07-3	Show	GitHub Exploit DB Packet Storm

247559	8.8	HIGH Network	tp-link	tl-wr841n_firmware	CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.	CWE-352 Origin Validation Error	CVE-2018-12574	2024-11-21 12:45	2018-07-3	Show	GitHub Exploit DB Packet Storm

247560	8.8	HIGH Network	intex	n150_firmware	An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.	CWE-352 Origin Validation Error	CVE-2018-12529	2024-11-21 12:45	2018-07-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed