Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253001	4.3	警告	オラクル	-	Oracle Application Server の J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0070	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

253002	5	警告	オラクル	-	Oracle Application Server の J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0067	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

253003	5	警告	オラクル	-	Oracle Application Server の Access Manager Identity Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0066	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

253004	7.8	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1385	2010-02-15 11:03	2009-06-4	Show	GitHub Exploit DB Packet Storm

253005	4.6	警告	サイバートラスト株式会社 Todd C. Miller	-	sudo の Perl スクリプト実行時における権限昇格の脆弱性	-	CVE-2005-4158	2010-02-15 11:03	2005-11-8	Show	GitHub Exploit DB Packet Storm

253006	1	注意	オラクル	-	Oracle Database および Oracle Application Server の Unzip コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3412	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

253007	3.2	注意	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3413	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

253008	3.6	注意	オラクル	-	Oracle Database の RDBMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3410	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

253009	4	警告	オラクル	-	Oracle Database の Logical Standby コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-1996	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

253010	4.9	警告	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3414	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249301	9.8	CRITICAL Network	xv_project opensuse	xv leap	xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.	CWE-787 Out-of-bounds Write	CVE-2017-18215	2024-11-21 12:19	2018-03-6	Show	GitHub Exploit DB Packet Storm

249302	7.5	HIGH Network	momentjs tenable	moment nessus	The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.	CWE-400 Uncontrolled Resource Consumption	CVE-2017-18214	2024-11-21 12:19	2018-03-5	Show	GitHub Exploit DB Packet Storm

249303	7.2	HIGH Network	exponentcms	exponent_cms	In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate their privileges.	NVD-CWE-noinfo	CVE-2017-18213	2024-11-21 12:19	2018-03-4	Show	GitHub Exploit DB Packet Storm

249304	9.8	CRITICAL Network	jerryscript	jerryscript	An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.	CWE-125 Out-of-bounds Read	CVE-2017-18212	2024-11-21 12:19	2018-03-2	Show	GitHub Exploit DB Packet Storm

249305	9.8	CRITICAL Network	imagemagick canonical	imagemagick ubuntu_linux	In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLK…	CWE-476 NULL Pointer Dereference	CVE-2017-18211	2024-11-21 12:19	2018-03-2	Show	GitHub Exploit DB Packet Storm

249306	9.8	CRITICAL Network	imagemagick	imagemagick	In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.	CWE-476 NULL Pointer Dereference	CVE-2017-18210	2024-11-21 12:19	2018-03-2	Show	GitHub Exploit DB Packet Storm

249307	8.8	HIGH Network	imagemagick canonical	imagemagick ubuntu_linux	In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to Ge…	CWE-476 NULL Pointer Dereference	CVE-2017-18209	2024-11-21 12:19	2018-03-2	Show	GitHub Exploit DB Packet Storm

249308	5.5	MEDIUM Local	linux	linux_kernel	The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-18208	2024-11-21 12:19	2018-03-1	Show	GitHub Exploit DB Packet Storm

249309	6.5	MEDIUM Network	python	python	The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exceptio…	CWE-369 Divide By Zero	CVE-2017-18207	2024-11-21 12:19	2018-03-1	Show	GitHub Exploit DB Packet Storm

249310	9.8	CRITICAL Network	zsh canonical	zsh ubuntu_linux	In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-18206	2024-11-21 12:19	2018-02-28	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed