Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
256721 4.3 警告 InsaneVisions - OneCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4877 2012-01-19 10:31 2011-10-7 Show GitHub Exploit DB Packet Storm
256722 7.5 危険 got milk - mBlogger の viewpost.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4876 2012-01-19 10:30 2011-10-7 Show GitHub Exploit DB Packet Storm
256723 4.3 警告 Xondie - WordPress 用 Vodpod Video Gallery プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4875 2012-01-19 10:30 2011-10-7 Show GitHub Exploit DB Packet Storm
256724 4.3 警告 NinkoBB - NinkoBB の users.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4874 2012-01-19 10:28 2011-10-7 Show GitHub Exploit DB Packet Storm
256725 4.3 警告 WeBid Support - WeBid におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4873 2012-01-19 10:27 2011-10-7 Show GitHub Exploit DB Packet Storm
256726 7.5 危険 PilotCart - ASPilot Pilot Cart の newsroom.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4872 2012-01-19 10:27 2011-10-7 Show GitHub Exploit DB Packet Storm
256727 10 危険 SmartSoft - SmartFTP における詳細不明な脆弱性 CWE-noinfo
情報不足
CVE-2010-4871 2012-01-19 10:26 2011-10-7 Show GitHub Exploit DB Packet Storm
256728 7.5 危険 bloofox - BloofoxCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4870 2012-01-19 10:25 2011-10-7 Show GitHub Exploit DB Packet Storm
256729 10 危険 アドビシステムズ - Adobe Reader および Acrobat の PRC コンポーネントにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-4369 2012-01-17 18:13 2011-12-16 Show GitHub Exploit DB Packet Storm
256730 4.3 警告 CourseForum Technologies - ProjectForum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-4277 2012-01-17 17:44 2011-10-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246141 7.5 HIGH
Network
gitlab gitlab GitLab Community and Enterprise Edition before 11.3.14, 11.4.x before 11.4.12, and 11.5.x before 11.5.5 allows Directory Traversal. CWE-22
Path Traversal
CVE-2018-20229 2024-11-21 13:01 2019-04-5 Show GitHub Exploit DB Packet Storm
246142 5.5 MEDIUM
Local
linux
netapp
linux_kernel
element_software_management_node
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file. CWE-200
Information Exposure
CVE-2018-20449 2024-11-21 13:01 2019-04-5 Show GitHub Exploit DB Packet Storm
246143 9.8 CRITICAL
Network
airsonic_project airsonic XXE issue in Airsonic before 10.1.2 during parse. CWE-611
XXE
CVE-2018-20222 2024-11-21 13:01 2019-04-5 Show GitHub Exploit DB Packet Storm
246144 8.1 HIGH
Network
sqlite
apple
opensuse
sqlite
iphone_os
mac_os_x
watchos
tvos
icloud
itunes
leap
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to F… CWE-190
 Integer Overflow or Wraparound
CVE-2018-20506 2024-11-21 13:01 2019-04-4 Show GitHub Exploit DB Packet Storm
246145 7.5 HIGH
Network
sqlite
apple
sqlite
iphone_os
watchos
mac_os_x
icloud
itunes
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL st… CWE-89
SQL Injection
CVE-2018-20505 2024-11-21 13:01 2019-04-4 Show GitHub Exploit DB Packet Storm
246146 7.5 HIGH
Adjacent
opensynergy blue_sdk The L2CAP signaling channel implementation and SDP server implementation in OpenSynergy Blue SDK 3.2 through 6.0 allow remote, unauthenticated attackers to execute arbitrary code or cause a denial of… CWE-20
 Improper Input Validation 
CVE-2018-20378 2024-11-21 13:01 2019-03-30 Show GitHub Exploit DB Packet Storm
246147 8.8 HIGH
Network
librenms librenms LibreNMS through 1.47 allows SQL injection via the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search. CWE-89
SQL Injection
CVE-2018-20678 2024-11-21 13:01 2019-03-29 Show GitHub Exploit DB Packet Storm
246148 7.8 HIGH
Local
linux
canonical
netapp
linux_kernel
ubuntu_linux
solidfire
hci_management_node
snapprotect
cn1610_firmware
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A loc… CWE-20
 Improper Input Validation 
CVE-2018-20669 2024-11-21 13:01 2019-03-22 Show GitHub Exploit DB Packet Storm
246149 8.8 HIGH
Network
car_rental_script_project car_rental_script PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php. CWE-352
 Origin Validation Error
CVE-2018-20648 2024-11-21 13:01 2019-03-22 Show GitHub Exploit DB Packet Storm
246150 6.5 MEDIUM
Network
car_rental_script_project car_rental_script PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory. CWE-22
Path Traversal
CVE-2018-20647 2024-11-21 13:01 2019-03-22 Show GitHub Exploit DB Packet Storm