Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252011 7.2 危険 kernel.org - Linux-PAM の pam_env モジュールにおける意図しない環境でプログラムを実行される脆弱性 CWE-DesignError
CVE-2010-4708 2012-03-27 18:42 2011-01-24 Show GitHub Exploit DB Packet Storm
252012 4.9 警告 kernel.org - Linux-PAM の check_acl 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4707 2012-03-27 18:42 2011-01-24 Show GitHub Exploit DB Packet Storm
252013 4.9 警告 kernel.org - Linux-PAM の pam_sm_close_session 関数における意図しないファイルを削除する脆弱性 CWE-DesignError
CVE-2010-4706 2012-03-27 18:42 2011-01-24 Show GitHub Exploit DB Packet Storm
252014 9.3 危険 FFmpeg - FFmpeg の vorbis_residue_decode_internal 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-4705 2012-03-27 18:42 2011-01-22 Show GitHub Exploit DB Packet Storm
252015 4.3 警告 FFmpeg - FFmpeg の libavcodec/vorbis_dec.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4704 2012-03-27 18:42 2011-01-22 Show GitHub Exploit DB Packet Storm
252016 7.5 危険 hotwebscripts - HotWebScripts HotWeb Rentals の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4703 2012-03-27 18:42 2011-01-20 Show GitHub Exploit DB Packet Storm
252017 7.5 危険 fxwebdesign - Joomla! の JRadio (com_jradio) コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4702 2012-03-27 18:42 2011-01-20 Show GitHub Exploit DB Packet Storm
252018 5 警告 catb
レッドハット		 - gif2png の特定の Fedora パッチにおける想定しない PNG ファイルを作成される脆弱性 CWE-119
バッファエラー 		CVE-2010-4695 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
252019 6.8 警告 catb - gif2png の gif2png.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4694 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
252020 4.3 警告 Coppermine Photo Gallery - CPG におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4693 2012-03-27 18:42 2011-01-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246321 8.8 HIGH
Network 		icmsdev icms An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. When verifying CSRF_TOKEN, if CSRF_TOKEN does not exist, only the Referer header is validated, which can be bypassed via an admincp.p… CWE-352
 Origin Validation Error 		CVE-2018-16314 2024-11-21 12:52 2018-09-2 Show GitHub Exploit DB Packet Storm
246322 6.1 MEDIUM
Network 		bludit bludit Bludit 2.3.4 allows XSS via a user name. CWE-79
Cross-site Scripting 		CVE-2018-16313 2024-11-21 12:52 2018-09-2 Show GitHub Exploit DB Packet Storm
246323 8.6 HIGH
Local 		ninjaforms ninja_forms The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2018-16308 2024-11-21 12:52 2018-09-2 Show GitHub Exploit DB Packet Storm
246324 7.5 HIGH
Network 		tracker-software pdf-xchange_editor PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. CWE-611
XXE 		CVE-2018-16303 2024-11-21 12:52 2018-09-1 Show GitHub Exploit DB Packet Storm
246325 7.8 HIGH
Local 		mc1soft zip-n-go MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-16302 2024-11-21 12:52 2018-09-1 Show GitHub Exploit DB Packet Storm
246326 6.1 MEDIUM
Network 		1234n minicms An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request. CWE-79
Cross-site Scripting 		CVE-2018-16298 2024-11-21 12:52 2018-09-1 Show GitHub Exploit DB Packet Storm
246327 9.8 CRITICAL
Network 		phpkaiyuancms phpopensourcecms phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir par… CWE-89
SQL Injection 		CVE-2018-16278 2024-11-21 12:52 2018-09-1 Show GitHub Exploit DB Packet Storm
246328 7.8 HIGH
Local 		linux
debian
canonical 		linux_kernel
debian_linux
ubuntu_linux 		An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB … CWE-787
 Out-of-bounds Write 		CVE-2018-16276 2024-11-21 12:52 2018-09-1 Show GitHub Exploit DB Packet Storm
246329 7.8 HIGH
Local 		opswat metadefender OPSWAT MetaDefender before v4.11.2 allows CSV injection. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2018-16275 2024-11-21 12:52 2018-08-31 Show GitHub Exploit DB Packet Storm
246330 9.8 CRITICAL
Network 		damicms damicms An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses. CWE-330
 Use of Insufficiently Random Values 		CVE-2018-16239 2024-11-21 12:52 2018-08-31 Show GitHub Exploit DB Packet Storm