Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251681 4.3 警告 deskpro - DeskPRO の faq.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-1012 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
251682 2.6 注意 アップル - Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1008 2012-06-26 15:46 2007-02-19 Show GitHub Exploit DB Packet Storm
251683 7.8 危険 CA Technologies - CA eTrust Intrusion Detection の SW3eng.exe におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-1005 2012-06-26 15:46 2007-02-27 Show GitHub Exploit DB Packet Storm
251684 7.5 危険 aspcode.net - PollMentor の admin_poll.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2007-0984 2012-06-26 15:46 2007-02-16 Show GitHub Exploit DB Packet Storm
251685 6.8 警告 ansatheus - AT Contenator の _admin/nav.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2007-0983 2012-06-26 15:46 2007-02-16 Show GitHub Exploit DB Packet Storm
251686 10 危険 activex soft - ActSoft DVD-Tools ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2007-0976 2012-06-26 15:46 2007-02-15 Show GitHub Exploit DB Packet Storm
251687 5 警告 apache stats - Ian Bezanson Apache Stats における重要な変数を上書きされる脆弱性 - CVE-2007-0975 2012-06-26 15:46 2007-02-15 Show GitHub Exploit DB Packet Storm
251688 9 危険 シスコシステムズ - Cisco FWSM における特定の ACL 保護を回避される脆弱性 - CVE-2007-0968 2012-06-26 15:46 2007-02-14 Show GitHub Exploit DB Packet Storm
251689 7.8 危険 シスコシステムズ - Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0967 2012-06-26 15:46 2007-02-14 Show GitHub Exploit DB Packet Storm
251690 7.8 危険 シスコシステムズ - Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0966 2012-06-26 15:46 2007-02-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246921 5.3 MEDIUM
Network
is-my-json-valid_project is-my-json-valid It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause i… - CVE-2018-1107 2024-11-21 12:59 2021-03-30 Show GitHub Exploit DB Packet Storm
246922 7.5 HIGH
Network
ibm security_guardium IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226. CWE-306
Missing Authentication for Critical Function
CVE-2018-1501 2024-11-21 12:59 2020-08-27 Show GitHub Exploit DB Packet Storm
246923 9.8 CRITICAL
Network
apache
fedoraproject
oracle
netapp
log4net
fedora
application_testing_suite
hospitality_simphony
hospitality_opera_5
snapcenter
manageability_software_development_kit
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled … CWE-611
XXE
CVE-2018-1285 2024-11-21 12:59 2020-05-12 Show GitHub Exploit DB Packet Storm
246924 8.1 HIGH
Network
apache
redhat
debian
oracle
fedoraproject
xerces-c\+\+
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_eus
debian_lin…
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library… CWE-416
 Use After Free
CVE-2018-1311 2024-11-21 12:59 2019-12-19 Show GitHub Exploit DB Packet Storm
246925 8.1 HIGH
Network
fortinet fortimanager A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to … CWE-319
Cleartext Transmission of Sensitive Information
CVE-2018-1360 2024-11-21 12:59 2019-04-26 Show GitHub Exploit DB Packet Storm
246926 6.1 MEDIUM
Network
apache zeppelin Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph". CWE-79
Cross-site Scripting
CVE-2018-1328 2024-11-21 12:59 2019-04-24 Show GitHub Exploit DB Packet Storm
246927 8.8 HIGH
Network
apache zeppelin In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication. CWE-287
Improper Authentication
CVE-2018-1317 2024-11-21 12:59 2019-04-24 Show GitHub Exploit DB Packet Storm
246928 6.1 MEDIUM
Network
fortinet fortisandbox A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan com… CWE-79
Cross-site Scripting
CVE-2018-1356 2024-11-21 12:59 2019-04-10 Show GitHub Exploit DB Packet Storm
246929 9.8 CRITICAL
Network
fortinet fortios A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable. CWE-134
Use of Externally-Controlled Format String
CVE-2018-1352 2024-11-21 12:59 2019-02-9 Show GitHub Exploit DB Packet Storm
246930 7.5 HIGH
Network
apache guacamole Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to… CWE-311
Missing Encryption of Sensitive Data
CVE-2018-1340 2024-11-21 12:59 2019-02-8 Show GitHub Exploit DB Packet Storm