Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253661	9.3	危険	VideoLAN	-	VideoLAN VLC Media Player の libdirectx_plugin.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-3275	2012-03-27 18:42	2011-03-28	Show	GitHub Exploit DB Packet Storm

253662	4.3	警告	Zoho Corporation	-	ZOHO ManageEngine ADSelfService Plus の Employee Search Engine におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3274	2012-03-27 18:42	2011-02-17	Show	GitHub Exploit DB Packet Storm

253663	5	警告	Zoho Corporation	-	ZOHO ManageEngine ADSelfService Plus における任意のユーザアカウントへのアクセスを取得される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3273	2012-03-27 18:42	2011-02-17	Show	GitHub Exploit DB Packet Storm

253664	4.3	警告	Zoho Corporation	-	ZOHO ManageEngine ADSelfService Plus の security-questions 実装における任意のユーザアカウントへのアクセスを取得される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3272	2012-03-27 18:42	2011-02-17	Show	GitHub Exploit DB Packet Storm

253665	6.8	警告	IBM	-	IBM WAS の Integrated Solutions Console におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3271	2012-03-27 18:42	2011-07-18	Show	GitHub Exploit DB Packet Storm

253666	6.8	警告	シスコシステムズ	-	Cisco WebEx Meeting Center T27LB におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3270	2012-03-27 18:42	2011-02-1	Show	GitHub Exploit DB Packet Storm

253667	9.3	危険	シスコシステムズ	-	Cisco WRF および ARF Player T27LB におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3269	2012-03-27 18:42	2011-02-1	Show	GitHub Exploit DB Packet Storm

253668	6.4	警告	orbeon	-	Orbeon Forms の XForms サービスの xforms-server コンポーネントにおけるイントラネットサーバへ HTTP リクエストを送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3260	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

253669	5	警告	シマンテックインテル	-	Symantec Antivirus Corporate Edition などで使用される Intel AMS の GetStringAMSHandler 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-3268	2012-03-27 18:42	2010-12-22	Show	GitHub Exploit DB Packet Storm

253670	6.5	警告	ifdefined	-	BugTracker.NET における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3267	2012-03-27 18:42	2010-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245901	9.8	CRITICAL Network	thinkphp	thinkphp	ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required…	CWE-89 SQL Injection	CVE-2018-18529	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245902	9.8	CRITICAL Network	owndms	ownticket	OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.	CWE-89 SQL Injection	CVE-2018-18527	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245903	5.5	MEDIUM Local	elfutils_project debian redhat opensuse canonical	elfutils debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server leap ubuntu_linux	Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as dem…	CWE-369 Divide By Zero	CVE-2018-18521	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245904	6.5	MEDIUM Network	elfutils_project debian canonical opensuse redhat	elfutils debian_linux ubuntu_linux leap enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server	An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-18520	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245905	9.8	CRITICAL Network	gxlcms	gxlcms	In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.	CWE-89 SQL Injection	CVE-2018-18488	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245906	7.5	HIGH Network	gxlcms	gxlcms	In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.	CWE-200 Information Exposure	CVE-2018-18487	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245907	9.8	CRITICAL Network	phpshe	phpshe	An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.	CWE-89 SQL Injection	CVE-2018-18486	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245908	7.5	HIGH Network	phpshe	phpshe	An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to r…	CWE-22 Path Traversal	CVE-2018-18485	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245909	5.5	MEDIUM Local	gnu	binutils	An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack con…	CWE-674 Uncontrolled Recursion	CVE-2018-18484	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245910	7.8	HIGH Local	gnu	binutils	The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflow…	CWE-190 Integer Overflow or Wraparound	CVE-2018-18483	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm