Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256641	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-2346	2011-07-20 10:51	2011-06-28	Show	GitHub Exploit DB Packet Storm

256642	5	警告	Google	-	Google Chrome の NPAPI 実装におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2011-2345	2011-07-20 10:50	2011-06-28	Show	GitHub Exploit DB Packet Storm

256643	7.5	危険	Google	-	Google Chrome の DOM 実装における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2342	2011-07-20 10:49	2011-06-7	Show	GitHub Exploit DB Packet Storm

256644	7.5	危険	Google	-	Google Chrome にて使用される Google V8 における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2332	2011-07-20 10:48	2011-06-7	Show	GitHub Exploit DB Packet Storm

256645	5	警告	Google	-	Google Chrome におけるタブページにスクリプトを挿入される脆弱性	CWE-noinfo 情報不足	CVE-2011-1815	2011-07-19 10:03	2011-06-7	Show	GitHub Exploit DB Packet Storm

256646	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-399	CVE-2011-1814	2011-07-19 10:02	2011-06-7	Show	GitHub Exploit DB Packet Storm

256647	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1813	2011-07-19 10:01	2011-06-7	Show	GitHub Exploit DB Packet Storm

256648	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1811	2011-07-19 10:00	2011-06-7	Show	GitHub Exploit DB Packet Storm

256649	7.5	危険	Google	-	Google Chrome におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1812	2011-07-19 09:59	2011-06-7	Show	GitHub Exploit DB Packet Storm

256650	4.3	警告	マイクロソフト	-	ASP.NET におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2011-07-15 12:02	2011-07-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245901	9.8	CRITICAL Network	thinkphp	thinkphp	ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required…	CWE-89 SQL Injection	CVE-2018-18529	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245902	9.8	CRITICAL Network	owndms	ownticket	OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.	CWE-89 SQL Injection	CVE-2018-18527	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245903	5.5	MEDIUM Local	elfutils_project debian redhat opensuse canonical	elfutils debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server leap ubuntu_linux	Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as dem…	CWE-369 Divide By Zero	CVE-2018-18521	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245904	6.5	MEDIUM Network	elfutils_project debian canonical opensuse redhat	elfutils debian_linux ubuntu_linux leap enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server	An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-18520	2024-11-21 12:56	2018-10-20	Show	GitHub Exploit DB Packet Storm

245905	9.8	CRITICAL Network	gxlcms	gxlcms	In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.	CWE-89 SQL Injection	CVE-2018-18488	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245906	7.5	HIGH Network	gxlcms	gxlcms	In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.	CWE-200 Information Exposure	CVE-2018-18487	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245907	9.8	CRITICAL Network	phpshe	phpshe	An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.	CWE-89 SQL Injection	CVE-2018-18486	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245908	7.5	HIGH Network	phpshe	phpshe	An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to r…	CWE-22 Path Traversal	CVE-2018-18485	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245909	5.5	MEDIUM Local	gnu	binutils	An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack con…	CWE-674 Uncontrolled Recursion	CVE-2018-18484	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

245910	7.8	HIGH Local	gnu	binutils	The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflow…	CWE-190 Integer Overflow or Wraparound	CVE-2018-18483	2024-11-21 12:56	2018-10-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed