Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251511 6.8 警告 alternc - AlternC のファイルマネージャーにおける重要な情報を取得される脆弱性 - CVE-2006-6257 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251512 6.8 警告 alternc - AlternC の admin/bro_main.php のファイルマネージャーにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6256 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251513 4.3 警告 cahier de textes - Cahier de texte の administration/telecharger.php におけるファイルの未解析コンテンツを取得される脆弱性 - CVE-2006-6254 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251514 5 警告 cahier de textes - Cahier de texte における全ユーザのパスワードを取得される脆弱性 - CVE-2006-6253 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251515 7.8 危険 gphotos - Gphotos の index.php における重要な情報を取得される脆弱性 - CVE-2006-6248 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251516 7.5 危険 coalescent systems - Coalescent Systems freePBX における任意のコマンドを実行される脆弱性 - CVE-2006-6244 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251517 7.5 危険 fipsasp - FipsSHOP の index.asp における SQL インジェクションの脆弱性 - CVE-2006-6243 2012-06-26 15:38 2006-12-4 Show GitHub Exploit DB Packet Storm
251518 5 警告 アップル - Apple Safari の AutoFill 機能における重要な情報を取得される脆弱性 - CVE-2006-6238 2012-06-26 15:38 2006-12-3 Show GitHub Exploit DB Packet Storm
251519 7.5 危険 francisco burzi - PHP-Nuke の Content モジュールにおける SQL インジェクションの脆弱性 - CVE-2006-6234 2012-06-26 15:38 2006-12-2 Show GitHub Exploit DB Packet Storm
251520 7.5 危険 dreamcost - DreamAccount の admin/index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6232 2012-06-26 15:38 2006-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246601 6.5 MEDIUM
Network 		ibm api_connect IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: … NVD-CWE-noinfo
CVE-2018-1389 2024-11-21 12:59 2018-04-30 Show GitHub Exploit DB Packet Storm
246602 8.8 HIGH
Network 		ibm bigfix_platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts… CWE-352
 Origin Validation Error 		CVE-2018-1479 2024-11-21 12:59 2018-04-28 Show GitHub Exploit DB Packet Storm
246603 9.8 CRITICAL
Network 		ibm bigfix_platform IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 140756. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2018-1475 2024-11-21 12:59 2018-04-28 Show GitHub Exploit DB Packet Storm
246604 6.1 MEDIUM
Network 		ibm bigfix_platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent… CWE-79
Cross-site Scripting 		CVE-2018-1473 2024-11-21 12:59 2018-04-28 Show GitHub Exploit DB Packet Storm
246605 7.2 HIGH
Network 		ovirt
redhat 		ovirt
enterprise_virtualization 		ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A … CWE-522
 Insufficiently Protected Credentials 		CVE-2018-1074 2024-11-21 12:59 2018-04-27 Show GitHub Exploit DB Packet Storm
246606 8.8 HIGH
Network 		ibm qradar_security_information_and_event_manager IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824. CWE-287
Improper Authentication 		CVE-2018-1418 2024-11-21 12:59 2018-04-26 Show GitHub Exploit DB Packet Storm
246607 5.5 MEDIUM
Local 		apache tika A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2018-1339 2024-11-21 12:59 2018-04-26 Show GitHub Exploit DB Packet Storm
246608 5.5 MEDIUM
Local 		apache tika A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2018-1338 2024-11-21 12:59 2018-04-26 Show GitHub Exploit DB Packet Storm
246609 8.1 HIGH
Network 		apache tika From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This … NVD-CWE-noinfo
CVE-2018-1335 2024-11-21 12:59 2018-04-26 Show GitHub Exploit DB Packet Storm
246610 5.4 MEDIUM
Network 		ibm jazz_reporting_service IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… CWE-79
Cross-site Scripting 		CVE-2018-1363 2024-11-21 12:59 2018-04-25 Show GitHub Exploit DB Packet Storm