Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251931 7.5 危険 Joostina CMS - Joomla! 用 Joostina コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4929 2012-02-28 14:09 2011-10-9 Show GitHub Exploit DB Packet Storm
251932 4.3 警告 PhotoIndochina - Joomla! 用 Restaurant Guide コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4928 2012-02-28 14:07 2011-10-9 Show GitHub Exploit DB Packet Storm
251933 7.5 危険 PhotoIndochina - Joomla! 用 Restaurant Guide コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4927 2012-02-28 13:57 2011-10-9 Show GitHub Exploit DB Packet Storm
251934 7.5 危険 TimeTrack - Joomla! 用 TimeTrack コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4926 2012-02-28 13:53 2011-10-9 Show GitHub Exploit DB Packet Storm
251935 7.5 危険 Nuked-Klan - Nuked-Klan 用 Partenaires モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4925 2012-02-28 13:40 2011-10-9 Show GitHub Exploit DB Packet Storm
251936 7.5 危険 Virtue Netz - Virtue Netz Virtue Book Store における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4923 2012-02-28 13:39 2011-10-9 Show GitHub Exploit DB Packet Storm
251937 7.5 危険 Allinta - Allinta CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4922 2012-02-28 11:20 2011-10-9 Show GitHub Exploit DB Packet Storm
251938 7.5 危険 DMXReady - DMXReady Polling Booth Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4921 2012-02-28 11:18 2011-10-8 Show GitHub Exploit DB Packet Storm
251939 7.5 危険 Micronetsoft - Micronetsoft Rental Property Management Website の detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4920 2012-02-28 11:04 2011-10-8 Show GitHub Exploit DB Packet Storm
251940 7.5 危険 Micronetsoft - Micronetsoft RV Dealer Website の detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4919 2012-02-28 10:55 2011-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246701 8.8 HIGH
Network 		libbpg_project libbpg The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code executio… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2018-12447 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246702 4.7 MEDIUM
Local 		google boringssl BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to eit… CWE-200
Information Exposure 		CVE-2018-12440 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246703 4.7 MEDIUM
Local 		matrixssl matrixssl MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access t… CWE-200
Information Exposure 		CVE-2018-12439 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246704 4.9 MEDIUM
Physics 		libsunec_project libsunec The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECD… CWE-200
CWE-320
Information Exposure
 Key Management Errors 		CVE-2018-12438 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246705 4.9 MEDIUM
Physics 		libtom
linaro 		libtomcrypt
op-tee 		LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to … CWE-200
Information Exposure 		CVE-2018-12437 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246706 4.7 MEDIUM
Local 		wolfssl wolfssl wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the a… CWE-200
Information Exposure 		CVE-2018-12436 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246707 5.9 MEDIUM
Local 		botan_project botan Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.c… CWE-200
Information Exposure 		CVE-2018-12435 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246708 4.7 MEDIUM
Local 		openbsd libressl LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attack… CWE-200
Information Exposure 		CVE-2018-12434 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246709 4.9 MEDIUM
Physics 		cryptlib cryptlib cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to eit… CWE-200
CWE-320
Information Exposure
 Key Management Errors 		CVE-2018-12433 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246710 6.1 MEDIUM
Network 		javamelody_project javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. CWE-79
Cross-site Scripting 		CVE-2018-12432 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm