Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256081 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0240 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
256082 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0239 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
256083 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0017 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
256084 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0016 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
256085 5 警告 日立 - uCosminexus Portal Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-02-26 11:36 2010-01-29 Show GitHub Exploit DB Packet Storm
256086 2.6 注意 tDiary開発プロジェクト - tDiary 付属のプラグイン tb-send.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0726 2010-02-25 15:03 2010-02-25 Show GitHub Exploit DB Packet Storm
256087 4.3 警告 サン・マイクロシステムズ - Sun ONE/iPlanet Web Server における HTTP リクエストを非表示にされる脆弱性 CWE-Other
その他 		CVE-2003-1578 2010-02-25 12:36 2003-11-14 Show GitHub Exploit DB Packet Storm
256088 2.6 注意 サン・マイクロシステムズ - Sun ONE/iPlanet Web Server におけるログファイルに任意のテキストを挿入される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2003-1577 2010-02-25 12:36 2003-11-14 Show GitHub Exploit DB Packet Storm
256089 5 警告 IBM - IBM WebSphere Application Server の Single Sign-on 機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0563 2010-02-25 12:35 2010-02-5 Show GitHub Exploit DB Packet Storm
256090 5 警告 アップル - Apple Safari の WebKit における任意の Web サイトにリクエストされる脆弱性 CWE-Other
その他 		CVE-2009-2841 2010-02-25 12:33 2009-11-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 8.2 HIGH
Network 		- - Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit th… New CWE-89
SQL Injection 		CVE-2018-25338 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
12 4.3 MEDIUM
Network 		- - Joomla JoomOCShop 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML fo… New CWE-352
 Origin Validation Error 		CVE-2018-25337 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
13 5.3 MEDIUM
Network 		- - Joomla jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HT… New CWE-352
 Origin Validation Error 		CVE-2018-25336 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
14 9.8 CRITICAL
Network 		- - WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint.… New CWE-306
Missing Authentication for Critical Function 		CVE-2018-25335 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
15 5.4 MEDIUM
Network 		- - Zechat 1.5 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to change a user's information by bypassing anti-CSRF protections. The application uses a CSRF token, but… New CWE-352
 Origin Validation Error 		CVE-2018-25334 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
16 8.2 HIGH
Network 		- - Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … New CWE-89
SQL Injection 		CVE-2018-25333 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
17 9.8 CRITICAL
Network 		- - GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file uploa… New CWE-306
Missing Authentication for Critical Function 		CVE-2018-25332 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
18 6.1 MEDIUM
Network 		- - Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attac… New CWE-79
Cross-site Scripting 		CVE-2018-25331 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
19 8.2 HIGH
Network 		- - Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. At… New CWE-89
SQL Injection 		CVE-2018-25330 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm
20 7.5 HIGH
Network 		- - WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attack… New CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2018-25329 2026-05-17 22:16 2026-05-17 Show GitHub Exploit DB Packet Storm