Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251331 4.3 警告 Vtiger - vtiger CRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3911 2012-03-27 18:42 2010-11-26 Show GitHub Exploit DB Packet Storm
251332 6.8 警告 Vtiger - vtiger CRM の return_application_language 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3910 2012-03-27 18:42 2010-11-26 Show GitHub Exploit DB Packet Storm
251333 6.8 警告 FFmpeg
mplayerhq		 - MPlayer などの製品で使用される FFmpeg におけるサービス運用妨害 (DoS) 状態の脆弱性 CWE-119
バッファエラー 		CVE-2010-3908 2012-03-27 18:42 2011-05-20 Show GitHub Exploit DB Packet Storm
251334 6 警告 Vtiger - vtiger CRM の config.template.php における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3909 2012-03-27 18:42 2010-11-26 Show GitHub Exploit DB Packet Storm
251335 9.3 危険 VideoLAN - VideoLAN VLC Media Player の Real demuxer プラグインにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-3907 2012-03-27 18:42 2010-12-14 Show GitHub Exploit DB Packet Storm
251336 7.5 危険 Eucalyptus Systems - Eucalyptus の管理者のインターフェース のパスワードリセット機能における権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-3905 2012-03-27 18:42 2010-12-16 Show GitHub Exploit DB Packet Storm
251337 5 警告 infradead - OpenConnect におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-3903 2012-03-27 18:42 2010-10-14 Show GitHub Exploit DB Packet Storm
251338 5 警告 infradead - OpenConnect における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3902 2012-03-27 18:42 2010-10-14 Show GitHub Exploit DB Packet Storm
251339 6.4 警告 infradead - OpenConnect における任意の AnyConnect SSL VPN サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3901 2012-03-27 18:42 2010-10-14 Show GitHub Exploit DB Packet Storm
251340 5.8 警告 christian dywan - Midori における任意の HTTPS Web サイトになりすまされる脆弱性 CWE-Other
その他 		CVE-2010-3900 2012-03-27 18:42 2010-10-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248611 5.5 MEDIUM
Local 		wavpack
debian 		wavpack
debian_linux 		An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before att… CWE-787
 Out-of-bounds Write 		CVE-2018-10540 2024-11-21 12:41 2018-04-30 Show GitHub Exploit DB Packet Storm
248612 5.5 MEDIUM
Local 		wavpack
debian 		wavpack
debian_linux 		An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before … CWE-787
 Out-of-bounds Write 		CVE-2018-10539 2024-11-21 12:41 2018-04-30 Show GitHub Exploit DB Packet Storm
248613 5.5 MEDIUM
Local 		wavpack
debian 		wavpack
debian_linux 		An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempt… CWE-787
 Out-of-bounds Write 		CVE-2018-10538 2024-11-21 12:41 2018-04-30 Show GitHub Exploit DB Packet Storm
248614 7.8 HIGH
Local 		wavpack
debian 		wavpack
debian_linux 		An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multi… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-10537 2024-11-21 12:41 2018-04-30 Show GitHub Exploit DB Packet Storm
248615 7.8 HIGH
Local 		wavpack
debian 		wavpack
debian_linux 		An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple … CWE-787
 Out-of-bounds Write 		CVE-2018-10536 2024-11-21 12:41 2018-04-30 Show GitHub Exploit DB Packet Storm
248616 5.5 MEDIUM
Local 		gnu
redhat 		binutils
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server 		The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a s… CWE-476
 NULL Pointer Dereference 		CVE-2018-10535 2024-11-21 12:41 2018-04-30 Show GitHub Exploit DB Packet Storm
248617 8.8 HIGH
Network 		canonical
libraw 		ubuntu_linux
libraw 		An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. CWE-125
Out-of-bounds Read 		CVE-2018-10529 2024-11-21 12:41 2018-04-29 Show GitHub Exploit DB Packet Storm
248618 8.8 HIGH
Network 		canonical
libraw 		ubuntu_linux
libraw 		An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp. CWE-787
 Out-of-bounds Write 		CVE-2018-10528 2024-11-21 12:41 2018-04-29 Show GitHub Exploit DB Packet Storm
248619 5.4 MEDIUM
Network 		easycms_project easycms EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI. CWE-79
Cross-site Scripting 		CVE-2018-10527 2024-11-21 12:41 2018-04-29 Show GitHub Exploit DB Packet Storm
248620 7.5 HIGH
Network 		uetoken useless_ethereum_token The transferFrom function of a smart contract implementation for Useless Ethereum Token (UET), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into the… CWE-20
 Improper Input Validation  		CVE-2018-10468 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm