Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253061	10	危険	CMS Made Simple	-	CMSMS のNews モジュールにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2010-4663	2012-03-27 18:42	2011-06-8	Show	GitHub Exploit DB Packet Storm

253062	4.3	警告	Hastymail	-	Hastymail2 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4646	2012-03-27 18:42	2011-01-18	Show	GitHub Exploit DB Packet Storm

253063	10	危険	Novell	-	Novell GroupWise の IMAP サーバコンポーネンにおけるメモリ二重解放の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4711	2012-03-27 18:42	2010-11-4	Show	GitHub Exploit DB Packet Storm

253064	4.3	警告	Yahoo!	-	YUI のメニューウィジェットにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4710	2012-03-27 18:42	2010-12-16	Show	GitHub Exploit DB Packet Storm

253065	7.5	危険	Joomla!	-	Joomla! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4696	2012-03-27 18:42	2010-11-4	Show	GitHub Exploit DB Packet Storm

253066	4.3	警告	XWiki	-	XWiki Enterprise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4642	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

253067	7.5	危険	XWiki	-	XWiki Enterprise における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4641	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

253068	4.3	警告	XWiki	-	XWiki Watch におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4640	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

253069	7.5	危険	intendance	-	MySource Matrix の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4639	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

253070	6.8	警告	iptechinside	-	JQuarks4s コンポーネントの submitSurvey 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4638	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245981	5.5	MEDIUM Local	intel	graphics_driver	Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 2…	CWE-125 Out-of-bounds Read	CVE-2018-18089	2024-11-21 12:55	2019-03-15	Show	GitHub Exploit DB Packet Storm

245982	8.8	HIGH Adjacent	gpsd_project microjson_project debian	gpsd microjson debian_linux	gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platf…	-	CVE-2018-17937	2024-11-21 12:55	2019-03-14	Show	GitHub Exploit DB Packet Storm

245983	4.9	MEDIUM Network	lexmark	cx725h_firmware cx820_firmware cx825_firmware cx860_firmware xc4150_firmware xc6152_firmware xc8155_firmware xc8160_firmware	On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, a…	CWE-200 Information Exposure	CVE-2018-17944	2024-11-21 12:55	2019-03-13	Show	GitHub Exploit DB Packet Storm

245984	8.8	HIGH Network	phome	empirecms	EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.	CWE-352 Origin Validation Error	CVE-2018-18449	2024-11-21 12:55	2019-03-8	Show	GitHub Exploit DB Packet Storm

245985	9.8	CRITICAL Network	layerbb	layerbb	LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.	CWE-89 SQL Injection	CVE-2018-17988	2024-11-21 12:55	2019-03-8	Show	GitHub Exploit DB Packet Storm

245986	7.3	HIGH Local	symantec	ghost_solution_suite	Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected…	CWE-426 Untrusted Search Path	CVE-2018-18364	2024-11-21 12:55	2019-02-9	Show	GitHub Exploit DB Packet Storm

245987	7.5	HIGH Network	trendmicro	dr._safety	A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensit…	CWE-200 Information Exposure	CVE-2018-18334	2024-11-21 12:55	2019-02-6	Show	GitHub Exploit DB Packet Storm

245988	7.8	HIGH Local	trendmicro	antivirus_\+_security internet_security maximum_security premium_security	A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable i…	CWE-426 Untrusted Search Path	CVE-2018-18333	2024-11-21 12:55	2019-02-6	Show	GitHub Exploit DB Packet Storm

245989	6.5	MEDIUM Adjacent	abb	cms-770_firmware	The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism.	CWE-287 Improper Authentication	CVE-2018-17928	2024-11-21 12:55	2019-02-1	Show	GitHub Exploit DB Packet Storm

245990	4.3	MEDIUM Adjacent	abb	eth-fw_firmware fw_firmware	The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior) is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mecha…	CWE-287 Improper Authentication	CVE-2018-17926	2024-11-21 12:55	2019-02-1	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed