Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254351 7.5 危険 jurpo - Jurpopage の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4359 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
254352 4.3 警告 mrcgiguy - MCG Guestbook の gb.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4358 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
254353 7.5 危険 boka - SiteEngine の comments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4357 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
254354 7.5 危険 site2nite - Site2Nite Big Truck Broker の news_default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4356 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
254355 3.5 注意 dadabik - DaDaBIK におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4355 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
254356 5.1 警告 MantisBT Group - MantisBT の admin/upgrade_unattended.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4350 2012-03-27 18:42 2010-12-14 Show GitHub Exploit DB Packet Storm
254357 5 警告 MantisBT Group - MantisBT の admin/upgrade_unattended.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-4349 2012-03-27 18:42 2010-12-14 Show GitHub Exploit DB Packet Storm
254358 4.3 警告 MantisBT Group - MantisBT の admin/upgrade_unattended.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4348 2012-03-27 18:42 2010-12-14 Show GitHub Exploit DB Packet Storm
254359 7.1 危険 Linux - Linux kernel の aun_incoming 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4342 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254360 5 警告 collectd - collectd の cu_rrd_create_file 関数 (src/utils_rrdcreate.c) におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4336 2012-03-27 18:42 2010-11-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246111 5.5 MEDIUM
Local 		qemu
canonical
fedoraproject 		qemu
ubuntu_linux
fedora 		pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2018-20123 2024-11-21 13:00 2018-12-18 Show GitHub Exploit DB Packet Storm
246112 7.5 HIGH
Network 		ptc thingworx_platform PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request. CWE-22
Path Traversal 		CVE-2018-20092 2024-11-21 13:00 2018-12-18 Show GitHub Exploit DB Packet Storm
246113 5.4 MEDIUM
Network 		ibm security_guardium IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote… CWE-79
Cross-site Scripting 		CVE-2018-1891 2024-11-21 13:00 2018-12-18 Show GitHub Exploit DB Packet Storm
246114 5.4 MEDIUM
Network 		ibm security_guardium IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality po… CWE-79
Cross-site Scripting 		CVE-2018-1889 2024-11-21 13:00 2018-12-18 Show GitHub Exploit DB Packet Storm
246115 9.8 CRITICAL
Network 		lisa-lab pylearn2 The yaml_parse.load method in Pylearn2 allows code injection. CWE-94
Code Injection 		CVE-2018-20027 2024-11-21 13:00 2018-12-18 Show GitHub Exploit DB Packet Storm
246116 5.5 MEDIUM
Local 		google gvisor Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic… CWE-20
 Improper Input Validation  		CVE-2018-20168 2024-11-21 13:00 2018-12-17 Show GitHub Exploit DB Packet Storm
246117 6.5 MEDIUM
Adjacent 		blinkforhome sync_module A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not sa… NVD-CWE-noinfo
CVE-2018-20161 2024-11-21 13:00 2018-12-15 Show GitHub Exploit DB Packet Storm
246118 7.5 HIGH
Network 		openrefine openrefine The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files. CWE-611
XXE 		CVE-2018-20157 2024-11-21 13:00 2018-12-15 Show GitHub Exploit DB Packet Storm
246119 7.8 HIGH
Local 		enlightenment terminology Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow th… CWE-74
Injection 		CVE-2018-20167 2024-11-21 13:00 2018-12-17 Show GitHub Exploit DB Packet Storm
246120 7.2 HIGH
Network 		i-doit i-doit i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files t… CWE-20
 Improper Input Validation  		CVE-2018-20159 2024-11-21 13:00 2018-12-15 Show GitHub Exploit DB Packet Storm