Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251301 9.3 危険 Nullsoft - Winamp の in_midi プラグインにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-4370 2012-03-27 18:42 2010-11-27 Show GitHub Exploit DB Packet Storm
251302 6.4 警告 Laurent Destailleur - AWStats におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4369 2012-03-27 18:42 2010-12-2 Show GitHub Exploit DB Packet Storm
251303 7.5 危険 Laurent Destailleur - AWStats における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4368 2012-03-27 18:42 2010-12-2 Show GitHub Exploit DB Packet Storm
251304 6 警告 Bharat Mediratta - Menalto Gallery の modules/gallery/models/item.php における任意コードを実行される脆弱性 CWE-Other
その他 		CVE-2010-4353 2012-03-27 18:42 2011-01-24 Show GitHub Exploit DB Packet Storm
251305 4.3 警告 Apache Software Foundation - libcloud における証明書偽造の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4340 2012-03-27 18:42 2011-09-12 Show GitHub Exploit DB Packet Storm
251306 4.3 警告 hypermail-project - Hypermail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4339 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
251307 6.2 警告 jwilk - ocrodjvu における任意のファイルを変更される脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4338 2012-03-27 18:42 2011-01-20 Show GitHub Exploit DB Packet Storm
251308 3.3 注意 GNU Project - gnash の configure スクリプトにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4337 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
251309 7.5 危険 Cake Software Foundation - CakePHP の _validatePost 関数における内部 Cake キャッシュを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4335 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
251310 4 警告 io-socket-ssl - IO::Socket::SSL モジュールにおける証明書の制限を回避される脆弱性 CWE-310
暗号の問題 		CVE-2010-4334 2012-03-27 18:42 2011-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248641 7.5 HIGH
Network 		ttembed_project ttembed Certain input files may trigger an integer overflow in ttembed input file processing. This overflow could potentially lead to corruption of the input file due to a lack of checking return codes of fg… CWE-190
 Integer Overflow or Wraparound 		CVE-2018-10921 2024-11-21 12:42 2018-08-3 Show GitHub Exploit DB Packet Storm
248642 6.8 MEDIUM
Network 		nic knot_resolver Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. CWE-20
 Improper Input Validation  		CVE-2018-10920 2024-11-21 12:42 2018-08-2 Show GitHub Exploit DB Packet Storm
248643 7.1 HIGH
Local 		canonical cloud-init The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances… - CVE-2018-10896 2024-11-21 12:42 2018-08-2 Show GitHub Exploit DB Packet Storm
248644 5.4 MEDIUM
Network 		redhat keycloak
single_sign-on 		It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further a… CWE-295
Improper Certificate Validation  		CVE-2018-10894 2024-11-21 12:42 2018-08-2 Show GitHub Exploit DB Packet Storm
248645 8.1 HIGH
Network 		rpm
redhat 		yum-utils
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
virtualization 		A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may… - CVE-2018-10897 2024-11-21 12:42 2018-08-2 Show GitHub Exploit DB Packet Storm
248646 6.5 MEDIUM
Network 		lftp_project
canonical
opensuse 		lftp
ubuntu_linux
leap 		It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A r… CWE-20
 Improper Input Validation  		CVE-2018-10916 2024-11-21 12:42 2018-08-1 Show GitHub Exploit DB Packet Storm
248647 8.8 HIGH
Adjacent 		dell emc_networker Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing … CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
 Insufficiently Protected Credentials 		CVE-2018-11050 2024-11-21 12:42 2018-08-1 Show GitHub Exploit DB Packet Storm
248648 8.8 HIGH
Adjacent 		redhat
openstack 		openstack
tripleo_heat_templates 		A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily gues… CWE-798
 Use of Hard-coded Credentials 		CVE-2018-10898 2024-11-21 12:42 2018-07-31 Show GitHub Exploit DB Packet Storm
248649 8.8 HIGH
Network 		prosody prosody prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts.… CWE-287
Improper Authentication 		CVE-2018-10847 2024-11-21 12:42 2018-07-31 Show GitHub Exploit DB Packet Storm
248650 7.5 HIGH
Network 		cryptography
canonical
redhat 		python-cryptography
ubuntu_linux
openstack 		A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing… CWE-20
 Improper Input Validation  		CVE-2018-10903 2024-11-21 12:42 2018-07-31 Show GitHub Exploit DB Packet Storm