Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252411	9.3	危険	Nullsoft	-	Winamp の in_mod プラグインにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4371	2012-03-27 18:42	2010-11-27	Show	GitHub Exploit DB Packet Storm

252412	9.3	危険	Nullsoft	-	Winamp の in_midi プラグインにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-4370	2012-03-27 18:42	2010-11-27	Show	GitHub Exploit DB Packet Storm

252413	6.4	警告	Laurent Destailleur	-	AWStats におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4369	2012-03-27 18:42	2010-12-2	Show	GitHub Exploit DB Packet Storm

252414	7.5	危険	Laurent Destailleur	-	AWStats における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4368	2012-03-27 18:42	2010-12-2	Show	GitHub Exploit DB Packet Storm

252415	6	警告	Bharat Mediratta	-	Menalto Gallery の modules/gallery/models/item.php における任意コードを実行される脆弱性	CWE-Other その他	CVE-2010-4353	2012-03-27 18:42	2011-01-24	Show	GitHub Exploit DB Packet Storm

252416	4.3	警告	Apache Software Foundation	-	libcloud における証明書偽造の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4340	2012-03-27 18:42	2011-09-12	Show	GitHub Exploit DB Packet Storm

252417	4.3	警告	hypermail-project	-	Hypermail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4339	2012-03-27 18:42	2011-01-14	Show	GitHub Exploit DB Packet Storm

252418	6.2	警告	jwilk	-	ocrodjvu における任意のファイルを変更される脆弱性	CWE-59 リンク解釈の問題	CVE-2010-4338	2012-03-27 18:42	2011-01-20	Show	GitHub Exploit DB Packet Storm

252419	3.3	注意	GNU Project	-	gnash の configure スクリプトにおける任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2010-4337	2012-03-27 18:42	2011-01-14	Show	GitHub Exploit DB Packet Storm

252420	7.5	危険	Cake Software Foundation	-	CakePHP の _validatePost 関数における内部 Cake キャッシュを変更される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4335	2012-03-27 18:42	2011-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246311	8.1	HIGH Network	ruby-lang canonical debian redhat	ruby ubuntu_linux debian_linux enterprise_linux	An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some f…	NVD-CWE-noinfo	CVE-2018-16396	2024-11-21 12:52	2018-11-17	Show	GitHub Exploit DB Packet Storm

246312	9.8	CRITICAL Network	ruby-lang canonical debian redhat	ruby openssl ubuntu_linux debian_linux enterprise_linux	An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using =…	NVD-CWE-noinfo	CVE-2018-16395	2024-11-21 12:52	2018-11-17	Show	GitHub Exploit DB Packet Storm

246313	6.5	MEDIUM Network	opendolphin	opendolphin	OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass authentication to create and/or delete other users accounts via unspecified vectors.	NVD-CWE-noinfo	CVE-2018-16163	2024-11-21 12:52	2018-11-16	Show	GitHub Exploit DB Packet Storm

246314	8.8	HIGH Network	opendolphin	opendolphin	OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors.	NVD-CWE-noinfo	CVE-2018-16162	2024-11-21 12:52	2018-11-16	Show	GitHub Exploit DB Packet Storm

246315	8.8	HIGH Network	opendolphin	opendolphin	OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative privileges and perform unintended operations.	NVD-CWE-noinfo	CVE-2018-16161	2024-11-21 12:52	2018-11-16	Show	GitHub Exploit DB Packet Storm

246316	7.8	HIGH Local	ftsafe	securecore	SecureCore Standard Edition Version 2.x allows an attacker to bypass the product 's authentication to log in to a Windows PC.	CWE-287 Improper Authentication	CVE-2018-16160	2024-11-21 12:52	2018-11-16	Show	GitHub Exploit DB Packet Storm

246317	7.5	HIGH Network	rack_project	rack	There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use …	CWE-400 Uncontrolled Resource Consumption	CVE-2018-16470	2024-11-21 12:52	2018-11-14	Show	GitHub Exploit DB Packet Storm

246318	6.1	MEDIUM Network	rack_project debian	rack debian_linux	There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the …	CWE-79 Cross-site Scripting	CVE-2018-16471	2024-11-21 12:52	2018-11-14	Show	GitHub Exploit DB Packet Storm

246319	5.9	MEDIUM Network	axtls_project	axtls	In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures w…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2018-16253	2024-11-21 12:52	2018-11-8	Show	GitHub Exploit DB Packet Storm

246320	5.9	MEDIUM Network	axtls_project	axtls	In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatu…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2018-16150	2024-11-21 12:52	2018-11-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed