Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256431	4.3	警告	MailEnable	-	MailEnable の ForgottenPassword.aspx におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0389	2012-01-27 11:01	2012-01-24	Show	GitHub Exploit DB Packet Storm

256432	7.5	危険	Batavi	-	Batavi の ajax.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0069	2012-01-27 10:55	2012-01-24	Show	GitHub Exploit DB Packet Storm

256433	10	危険	日立	-	日立の複数の COBOL2002 製品における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-0918	2012-01-26 16:54	2012-01-20	Show	GitHub Exploit DB Packet Storm

256434	4.3	警告	日立	-	Hitachi IT Operations Director におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0919	2012-01-26 16:53	2012-01-10	Show	GitHub Exploit DB Packet Storm

256435	4.3	警告	日立	-	Hitachi IT Operations Analyzer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0917	2012-01-26 16:49	2012-01-10	Show	GitHub Exploit DB Packet Storm

256436	7.5	危険	Google	-	Google Chrome で使用される Skia におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2011-3927	2012-01-25 16:09	2012-01-23	Show	GitHub Exploit DB Packet Storm

256437	7.5	危険	Google	-	Google Chrome の Safe Browsing 機能におけるサービス運用妨害 (ヒープメモリ破損) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3925	2012-01-25 16:07	2012-01-23	Show	GitHub Exploit DB Packet Storm

256438	4.3	警告	SimpleSAMLphp	-	SimpleSAMLphp の modules/core/www/no_cookie.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0040	2012-01-25 14:16	2012-01-24	Show	GitHub Exploit DB Packet Storm

256439	7.5	危険	Stoneware	-	Stoneware webNetwork における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0912	2012-01-25 14:15	2012-01-23	Show	GitHub Exploit DB Packet Storm

256440	6.8	警告	Stoneware	-	Stoneware webNetwork におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0286	2012-01-25 14:14	2012-01-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246101	6.5	MEDIUM Network	opensuse canonical	libsolv ubuntu_linux	There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects t…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-20534	2024-11-21 13:01	2018-12-29	Show	GitHub Exploit DB Packet Storm

246102	6.5	MEDIUM Network	opensuse canonical	libsolv ubuntu_linux	There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.	CWE-476 NULL Pointer Dereference	CVE-2018-20533	2024-11-21 13:01	2018-12-29	Show	GitHub Exploit DB Packet Storm

246103	6.5	MEDIUM Network	opensuse canonical	libsolv ubuntu_linux	There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.	CWE-476 NULL Pointer Dereference	CVE-2018-20532	2024-11-21 13:01	2018-12-29	Show	GitHub Exploit DB Packet Storm

246104	5.4	MEDIUM Network	website_seller_script_project	website_seller_script	PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.	CWE-79 Cross-site Scripting	CVE-2018-20530	2024-11-21 13:01	2018-12-29	Show	GitHub Exploit DB Packet Storm

246105	6.5	MEDIUM Network	jeecms	jeecms	JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2018-20528	2024-11-21 13:01	2018-12-29	Show	GitHub Exploit DB Packet Storm

246106	6.1	MEDIUM Network	urlchatbox	chat_anywhere	The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of <<a> in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Po…	CWE-79 Cross-site Scripting	CVE-2018-20524	2024-11-21 13:01	2018-12-28	Show	GitHub Exploit DB Packet Storm

246107	6.1	MEDIUM Network	1234n	minicms	MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a related issue to CVE-2018-10296 and CVE-2018-16233.	CWE-79 Cross-site Scripting	CVE-2018-20520	2024-11-21 13:01	2018-12-28	Show	GitHub Exploit DB Packet Storm

246108	8.1	HIGH Network	74cms	74cms	An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=a…	CWE-20 Improper Input Validation	CVE-2018-20519	2024-11-21 13:01	2018-12-28	Show	GitHub Exploit DB Packet Storm

246109	5.5	MEDIUM Local	linux debian	linux_kernel debian_linux	An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging C…	CWE-200 Information Exposure	CVE-2018-20511	2024-11-21 13:01	2018-12-27	Show	GitHub Exploit DB Packet Storm

246110	9.8	CRITICAL Network	crashfix_project	crashfix	CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This is related to actionIndex in UserController.php, and the protected\models\User.php search() function.	CWE-89 SQL Injection	CVE-2018-20508	2024-11-21 13:01	2018-12-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed