Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251471 6.8 警告 MyBB Group
ecardmax.com
- eCardMAX Hot Editor および HotEditor プラグインの richedit/keyboard.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1906 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251472 4.3 警告 AOL - AIM および ICQ におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1904 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251473 9.3 危険 アカマイテクノロジーズ - Akamai Technologies Download Manager ActiveX コントロール (DownloadManagerV2.ocx) におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1892 2012-06-26 15:46 2007-04-17 Show GitHub Exploit DB Packet Storm
251474 7.2 危険 アドビシステムズ - Adobe ColdFusion MX における任意のコードを実行される脆弱性 - CVE-2007-1874 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251475 4.3 警告 chcounter - chcounter におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1871 2012-06-26 15:46 2007-04-13 Show GitHub Exploit DB Packet Storm
251476 5 警告 drake team - Drake CMS の classes/captcha/captcha.jpg.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1850 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251477 7.5 危険 drake team - Drake CMS の 404.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1849 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251478 4.3 警告 drake team - Drake CMS の admin/classes/ui.dta.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1848 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251479 7.5 危険 avatic - Aardvark Topsites PHP における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1844 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251480 7.5 危険 codebb - CodeBB における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1839 2012-06-26 15:46 2007-04-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254471 10.0 CRITICAL
Network
keepassdx keepass_dx KeePassDX version <= 2.5.0.0beta17 contains a XML External Entity (XXE) vulnerability in kdbx file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. CWE-611
XXE
CVE-2018-1000835 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254472 9.0 CRITICAL
Network
runelite runelite runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of… CWE-611
XXE
CVE-2018-1000834 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254473 9.8 CRITICAL
Network
zoneminder zoneminder ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution. CWE-502
 Deserialization of Untrusted Data
CVE-2018-1000833 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254474 9.8 CRITICAL
Network
zoneminder zoneminder ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution. CWE-502
 Deserialization of Untrusted Data
CVE-2018-1000832 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254475 10.0 CRITICAL
Network
k9mail k-9_mail K9Mail version <= v5.600 contains a XML External Entity (XXE) vulnerability in WebDAV response parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This … CWE-611
XXE
CVE-2018-1000831 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254476 10.0 CRITICAL
Network
xr3player_project xr3player XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. CWE-611
XXE
CVE-2018-1000830 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254477 9.0 CRITICAL
Network
anyplace_project anyplace Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man in the middle on map API call that can result in Disclosure of confidential data, denial of service, S… CWE-611
XXE
CVE-2018-1000829 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254478 9.0 CRITICAL
Network
frostwire frostwire FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE) vulnerability in Man in the middle on update that can result in Disclosure of confidential data, denial of … CWE-611
XXE
CVE-2018-1000828 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254479 9.8 CRITICAL
Network
ubilling ubilling Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution. CWE-502
 Deserialization of Untrusted Data
CVE-2018-1000827 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm
254480 6.1 MEDIUM
Network
microweber microweber Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code. CWE-79
Cross-site Scripting
CVE-2018-1000826 2024-11-21 12:40 2018-12-21 Show GitHub Exploit DB Packet Storm