Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251901 7.5 危険 PreProject.com - Pre Projects Pre Podcast Portal の login 機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4959 2012-02-29 14:35 2011-10-9 Show GitHub Exploit DB Packet Storm
251902 7.5 危険 Prado Portal - Prado Portal の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4958 2012-02-29 14:23 2011-10-9 Show GitHub Exploit DB Packet Storm
251903 7.5 危険 php-programs - APBoard Developers APBoard の board/board.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4955 2012-02-29 14:06 2011-10-9 Show GitHub Exploit DB Packet Storm
251904 7.5 危険 Gambio - xt:Commerce Gambio 2008 の product_reviews_info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4954 2012-02-29 14:05 2011-10-9 Show GitHub Exploit DB Packet Storm
251905 10 危険 Jens Witt - TYPO3 用 JW Calendar エクステンションにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4953 2012-02-29 11:55 2011-10-9 Show GitHub Exploit DB Packet Storm
251906 7.5 危険 Joachim Ruhs - TYPO3 用 FE user statistic エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4952 2012-02-29 11:51 2011-10-9 Show GitHub Exploit DB Packet Storm
251907 5 警告 Thomas Mammitzsch - TYPO3 用 xaJax Shoutbox エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4951 2012-02-29 11:48 2011-10-9 Show GitHub Exploit DB Packet Storm
251908 7.5 危険 Joachim Ruhs - TYPO3 用 Event エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4950 2012-02-29 11:42 2011-10-9 Show GitHub Exploit DB Packet Storm
251909 4.3 警告 Codologic.com - Joomla! 用 FreiChat および FreiChatPure におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4949 2012-02-29 11:21 2011-10-9 Show GitHub Exploit DB Packet Storm
251910 7.5 危険 Phpgalleryscript - PHP Free Photo Gallery script における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4948 2012-02-29 11:19 2011-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246681 7.4 HIGH
Network 		ecos system_management_appliance Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP sp… CWE-290
 Authentication Bypass by Spoofing 		CVE-2018-12331 2024-11-21 12:45 2018-06-18 Show GitHub Exploit DB Packet Storm
246682 8.1 HIGH
Network 		ecos secure_boot_stick_firmware Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware. NVD-CWE-noinfo
CVE-2018-12330 2024-11-21 12:45 2018-06-18 Show GitHub Exploit DB Packet Storm
246683 5.9 MEDIUM
Network 		ecos secure_boot_stick_firmware Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning. CWE-200
Information Exposure 		CVE-2018-12329 2024-11-21 12:45 2018-06-18 Show GitHub Exploit DB Packet Storm
246684 7.5 HIGH
Network 		1000guess 1000_guess The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block … CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2018-12454 2024-11-21 12:45 2018-06-17 Show GitHub Exploit DB Packet Storm
246685 7.5 HIGH
Network 		redislabs redis Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a strea… CWE-704
 Incorrect Type Conversion or Cast 		CVE-2018-12453 2024-11-21 12:45 2018-06-17 Show GitHub Exploit DB Packet Storm
246686 7.5 HIGH
Network 		tinyexr_project tinyexr tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. CWE-617
 Reachable Assertion 		CVE-2018-12504 2024-11-21 12:45 2018-06-17 Show GitHub Exploit DB Packet Storm
246687 9.8 CRITICAL
Network 		tinyexr_project tinyexr tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h. CWE-125
Out-of-bounds Read 		CVE-2018-12503 2024-11-21 12:45 2018-06-17 Show GitHub Exploit DB Packet Storm
246688 6.1 MEDIUM
Network 		nagios fusion Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335. CWE-79
Cross-site Scripting 		CVE-2018-12501 2024-11-21 12:45 2018-06-16 Show GitHub Exploit DB Packet Storm
246689 9.8 CRITICAL
Network 		icmsdev icms spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do=batch request to admincp.php. CWE-89
SQL Injection 		CVE-2018-12498 2024-11-21 12:45 2018-06-16 Show GitHub Exploit DB Packet Storm
246690 5.5 MEDIUM
Local 		discount_project
debian 		discount
debian_linux 		The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. CWE-125
Out-of-bounds Read 		CVE-2018-12495 2024-11-21 12:45 2018-06-16 Show GitHub Exploit DB Packet Storm