Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
252491 6.8 警告 Drupal - Drupal の XML パーサにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5475 2012-06-26 15:37 2006-10-18 Show GitHub Exploit DB Packet Storm
252492 2.1 注意 Avahi - Avahi における Avahi へのネットワーク変更を傍受される脆弱性 - CVE-2006-5461 2012-06-26 15:37 2006-11-14 Show GitHub Exploit DB Packet Storm
252493 7.5 危険 alex - Download-Engine における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5459 2012-06-26 15:37 2006-10-23 Show GitHub Exploit DB Packet Storm
252494 4.3 警告 casinosoft - Casinosoft Casino Script の登録フォームにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5457 2012-06-26 15:37 2006-10-23 Show GitHub Exploit DB Packet Storm
252495 4.3 警告 dev - DEV WMS の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5447 2012-06-26 15:37 2006-10-23 Show GitHub Exploit DB Packet Storm
252496 5.1 警告 casinosoft - Casinosoft Casino Script の lobby/config.php における SQL インジェクションの脆弱性 - CVE-2006-5446 2012-06-26 15:37 2006-10-23 Show GitHub Exploit DB Packet Storm
252497 7.8 危険 Digium - Asterisk の SIP チャネルドライバ (channels/chan_sip.c) におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5445 2012-06-26 15:37 2006-10-23 Show GitHub Exploit DB Packet Storm
252498 7.5 危険 Digium - Cisco SCCP 電話機で使用される Asterisk の Skinny チャネルドライバにおける整数オーバーフローの脆弱性 - CVE-2006-5444 2012-06-26 15:37 2006-10-23 Show GitHub Exploit DB Packet Storm
252499 7.5 危険 comdev - Comdev Web Blogger の adminfoot.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5441 2012-06-26 15:37 2006-10-20 Show GitHub Exploit DB Packet Storm
252500 7.5 危険 comdev - Comdev Form Designer の adminfoot.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5440 2012-06-26 15:37 2006-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246481 6.5 MEDIUM
Network
graphicsmagick
debian
graphicsmagick
debian_linux
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file,… CWE-787
 Out-of-bounds Write
CVE-2018-20184 2024-11-21 13:01 2018-12-18 Show GitHub Exploit DB Packet Storm
246482 6.1 MEDIUM
Network
nagios nagios_xi An issue was discovered in Nagios XI before 5.5.8. The rss_url parameter of rss_dashlet/magpierss/scripts/magpie_slashbox.php is not filtered, resulting in an XSS vulnerability. CWE-79
Cross-site Scripting
CVE-2018-20172 2024-11-21 13:01 2018-12-18 Show GitHub Exploit DB Packet Storm
246483 6.1 MEDIUM
Network
nagios nagios_xi An issue was discovered in Nagios XI before 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability. CWE-79
Cross-site Scripting
CVE-2018-20171 2024-11-21 13:01 2018-12-18 Show GitHub Exploit DB Packet Storm
246484 9.8 CRITICAL
Network
zohocorp manageengine_opmanager Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API. CWE-89
SQL Injection
CVE-2018-20173 2024-11-21 13:01 2018-12-17 Show GitHub Exploit DB Packet Storm
246485 5.3 MEDIUM
Network
openstack keystone OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor's posi… CWE-200
Information Exposure
CVE-2018-20170 2024-11-21 13:01 2018-12-17 Show GitHub Exploit DB Packet Storm
246486 6.8 MEDIUM
Physics
linux
canonical
debian
linux_kernel
ubuntu_linux
debian_linux
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/cor… CWE-400
 Uncontrolled Resource Consumption
CVE-2018-20169 2024-11-21 13:01 2018-12-17 Show GitHub Exploit DB Packet Storm
246487 2.3 LOW
Local
ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440. NVD-CWE-noinfo
CVE-2018-1725 2024-11-21 13:00 2020-11-6 Show GitHub Exploit DB Packet Storm
246488 4.4 MEDIUM
Local
ibm security_rapport IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-For… CWE-120
Classic Buffer Overflow
CVE-2018-1985 2024-11-21 13:00 2020-08-25 Show GitHub Exploit DB Packet Storm
246489 5.5 MEDIUM
Local
yast2-rmt_project
opensuse
suse
yast2-rmt
leap
suse_linux_enterprise_server
A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log … CWE-532
 Inclusion of Sensitive Information in Log Files
CVE-2018-20105 2024-11-21 13:00 2020-01-27 Show GitHub Exploit DB Packet Storm
246490 5.3 MEDIUM
Network
ibm watston_studio_local IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacked could use in further attacks against the system. IBM X-Force ID: 145238. CWE-200
Information Exposure
CVE-2018-1682 2024-11-21 13:00 2019-12-31 Show GitHub Exploit DB Packet Storm