Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252101	9.3	危険	マイクロソフト AB Team	-	Microsoft Windows XP で利用される Indeo コーデックにおける権限昇格の脆弱性	CWE-Other その他	CVE-2010-3138	2012-02-16 16:14	2010-08-27	Show	GitHub Exploit DB Packet Storm

252102	4.4	警告	マイクロソフト	-	Microsoft Windows Server 2008 の colorcpl.exe における権限昇格の脆弱性	CWE-Other その他	CVE-2010-5082	2012-02-16 16:04	2012-01-17	Show	GitHub Exploit DB Packet Storm

252103	9.3	危険	アップルマイクロソフト	-	Microsoft Windows 7 Professional 64-bit におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-5046	2012-02-16 11:40	2011-12-30	Show	GitHub Exploit DB Packet Storm

252104	4.3	警告	アドビシステムズ	-	Adobe RoboHelp for Word におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0765	2012-02-16 11:27	2012-02-14	Show	GitHub Exploit DB Packet Storm

252105	10	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0766	2012-02-16 11:23	2012-02-14	Show	GitHub Exploit DB Packet Storm

252106	10	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0764	2012-02-16 11:23	2012-02-14	Show	GitHub Exploit DB Packet Storm

252107	10	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0763	2012-02-16 11:21	2012-02-14	Show	GitHub Exploit DB Packet Storm

252108	10	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0762	2012-02-16 11:13	2012-02-14	Show	GitHub Exploit DB Packet Storm

252109	10	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0761	2012-02-16 11:09	2012-02-14	Show	GitHub Exploit DB Packet Storm

252110	10	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0760	2012-02-16 11:06	2012-02-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246731	6.5	MEDIUM Network	libmobi_project	libmobi	The mobi_parse_index_entry function in index.c in Libmobi 0.3 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted mobi file.	CWE-125 Out-of-bounds Read	CVE-2018-11725	2024-11-21 12:43	2018-06-20	Show	GitHub Exploit DB Packet Storm

246732	8.8	HIGH Network	libmobi_project	libmobi	The mobi_pk1_decrypt function in encryption.c in Libmobi 0.3 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted …	CWE-125 Out-of-bounds Read	CVE-2018-11724	2024-11-21 12:43	2018-06-20	Show	GitHub Exploit DB Packet Storm

246733	5.5	MEDIUM Local	libpff_project	libpff	The libpff_name_to_id_map_entry_read function in libpff_name_to_id_map.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure (heap-based buffer over-read) v…	CWE-125 Out-of-bounds Read	CVE-2018-11723	2024-11-21 12:43	2018-06-20	Show	GitHub Exploit DB Packet Storm

246734	6.5	MEDIUM Network	auth0	angular-jwt	Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypa…	CWE-20 Improper Input Validation	CVE-2018-11537	2024-11-21 12:43	2018-06-20	Show	GitHub Exploit DB Packet Storm

246735	7.8	HIGH Local	webtoffee	wordpress_comments_import_and_export	The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2018-11526	2024-11-21 12:43	2018-06-20	Show	GitHub Exploit DB Packet Storm

246736	7.8	HIGH Local	algolplus	advanced_order_export_for_woocommerce	The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2018-11525	2024-11-21 12:43	2018-06-20	Show	GitHub Exploit DB Packet Storm

246737	6.1	MEDIUM Network	oauth2orize-fprm_project	oauth2orize-fprm	index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.	CWE-79 Cross-site Scripting	CVE-2018-11647	2024-11-21 12:43	2018-06-18	Show	GitHub Exploit DB Packet Storm

246738	6.1	MEDIUM Network	balbooa	gridbox	The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could expl…	CWE-79 Cross-site Scripting	CVE-2018-11690	2024-11-21 12:43	2018-06-15	Show	GitHub Exploit DB Packet Storm

246739	6.1	MEDIUM Network	samsung hanwha-security	smartviewer hrd-1642_firmware hrd-842_firmware hrd-442_firmware hrd-1641_firmware hrd-841_firmware hrd-840_firmware hrd-440_firmware hrd-443_firmware srd-1694u_firmware	Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was tr…	CWE-79 Cross-site Scripting	CVE-2018-11689	2024-11-21 12:43	2018-06-15	Show	GitHub Exploit DB Packet Storm

246740	9.8	CRITICAL Network	point-to-point_protocol_project canonical	point-to-point_protocol ubuntu_linux	Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is …	CWE-20 CWE-190 Improper Input Validation Integer Overflow or Wraparound	CVE-2018-11574	2024-11-21 12:43	2018-06-15	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed