Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251901 7.5 危険 Prado Portal - Prado Portal の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4958 2012-02-29 14:23 2011-10-9 Show GitHub Exploit DB Packet Storm
251902 7.5 危険 php-programs - APBoard Developers APBoard の board/board.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4955 2012-02-29 14:06 2011-10-9 Show GitHub Exploit DB Packet Storm
251903 7.5 危険 Gambio - xt:Commerce Gambio 2008 の product_reviews_info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4954 2012-02-29 14:05 2011-10-9 Show GitHub Exploit DB Packet Storm
251904 10 危険 Jens Witt - TYPO3 用 JW Calendar エクステンションにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4953 2012-02-29 11:55 2011-10-9 Show GitHub Exploit DB Packet Storm
251905 7.5 危険 Joachim Ruhs - TYPO3 用 FE user statistic エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4952 2012-02-29 11:51 2011-10-9 Show GitHub Exploit DB Packet Storm
251906 5 警告 Thomas Mammitzsch - TYPO3 用 xaJax Shoutbox エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4951 2012-02-29 11:48 2011-10-9 Show GitHub Exploit DB Packet Storm
251907 7.5 危険 Joachim Ruhs - TYPO3 用 Event エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4950 2012-02-29 11:42 2011-10-9 Show GitHub Exploit DB Packet Storm
251908 4.3 警告 Codologic.com - Joomla! 用 FreiChat および FreiChatPure におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4949 2012-02-29 11:21 2011-10-9 Show GitHub Exploit DB Packet Storm
251909 7.5 危険 Phpgalleryscript - PHP Free Photo Gallery script における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4948 2012-02-29 11:19 2011-10-9 Show GitHub Exploit DB Packet Storm
251910 4.3 警告 Allpcscript - ALLPC の advanced_search_result.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4947 2012-02-29 11:17 2011-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246711 5.3 MEDIUM
Adjacent 		eminent-online em4544 An issue was discovered on Eminent EM4544 9.10 devices. The device does not require the user's current password to set a new one within the web interface. Therefore, it is possible to exploit this is… CWE-79
Cross-site Scripting 		CVE-2018-12073 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246712 9.8 CRITICAL
Network 		cloudmedia popcorn_a-200_firmware An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attac… NVD-CWE-noinfo
CVE-2018-12072 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246713 9.8 CRITICAL
Network 		codeigniter codeigniter A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled. CWE-384
 Session Fixation 		CVE-2018-12071 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246714 7.0 HIGH
Local 		phusion
debian 		passenger
debian_linux 		A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently st… CWE-362
Race Condition 		CVE-2018-12029 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246715 7.8 HIGH
Local 		phusion passenger An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrar… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-12028 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246716 8.8 HIGH
Network 		phusion passenger An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process th… CWE-200
CWE-732
Information Exposure
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-12027 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246717 9.8 CRITICAL
Network 		phusion passenger During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning comm… CWE-59
Link Following 		CVE-2018-12026 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
246718 8.4 HIGH
Local 		redislabs redis Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is uncle… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-12326 2024-11-21 12:44 2018-06-17 Show GitHub Exploit DB Packet Storm
246719 7.8 HIGH
Local 		virustotal yara In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. CWE-787
 Out-of-bounds Write 		CVE-2018-12035 2024-11-21 12:44 2018-06-16 Show GitHub Exploit DB Packet Storm
246720 7.8 HIGH
Local 		virustotal yara In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c. CWE-125
Out-of-bounds Read 		CVE-2018-12034 2024-11-21 12:44 2018-06-16 Show GitHub Exploit DB Packet Storm