Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256861	4.9	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux Kernel の __scm_destroy 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2008-5029	2011-03-18 15:29	2008-11-10	Show	GitHub Exploit DB Packet Storm

256862	5	警告	マイクロソフト	-	Microsoft Malware Protection Engine の一時ファイル作成に関するサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1438	2011-03-18 15:24	2008-05-13	Show	GitHub Exploit DB Packet Storm

256863	-	-	マイクロソフト	-	Microsoft Windows の RtlQueryRegistryValues() 関数におけるレジストリデータ検証不備の脆弱性	-	CVE-2010-4398	2011-03-17 17:48	2010-11-29	Show	GitHub Exploit DB Packet Storm

256864	7.5	危険	レッドハット Wireshark オラクル	-	Wireshark の LDSS 解析部の dissect_ldss_transfer 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4300	2011-03-17 17:43	2010-11-18	Show	GitHub Exploit DB Packet Storm

256865	2.1	注意	VMware	-	VMware vCenter Server の vCenter Tomcat Management Application における権限を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-2928	2011-03-17 16:27	2011-02-10	Show	GitHub Exploit DB Packet Storm

256866	5	警告	OpenBSD	-	OpenSSH の key_certify 関数におけるスタックメモリ領域の重要なコンテンツ情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0539	2011-03-17 16:24	2011-02-10	Show	GitHub Exploit DB Packet Storm

256867	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2011-0694	2011-03-17 16:22	2011-02-8	Show	GitHub Exploit DB Packet Storm

256868	5	警告	レッドハット MIT Kerberos オラクル	-	Kerberos の do_standalone 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4022	2011-03-17 15:51	2011-02-8	Show	GitHub Exploit DB Packet Storm

256869	4.3	警告	アドビシステムズ	-	Adobe ColdFusion における Web セッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2011-0584	2011-03-17 15:47	2011-02-8	Show	GitHub Exploit DB Packet Storm

256870	4.3	警告	アドビシステムズ	-	Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0583	2011-03-17 15:45	2011-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246231	5.4	MEDIUM Network	modx	evolution_cms	Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.	CWE-79 Cross-site Scripting	CVE-2018-16637	2024-11-21 12:53	2018-12-29	Show	GitHub Exploit DB Packet Storm

246232	4.8	MEDIUM Network	jupo	mezzanine	Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/.	CWE-79 Cross-site Scripting	CVE-2018-16632	2024-11-21 12:53	2018-12-29	Show	GitHub Exploit DB Packet Storm

246233	4.8	MEDIUM Network	getkirby	kirby	Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.	CWE-79 Cross-site Scripting	CVE-2018-16630	2024-11-21 12:53	2018-12-29	Show	GitHub Exploit DB Packet Storm

246234	6.1	MEDIUM Network	jenzabar	jenzabar	Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field).	CWE-79 Cross-site Scripting	CVE-2018-16778	2024-11-21 12:53	2018-12-22	Show	GitHub Exploit DB Packet Storm

246235	6.1	MEDIUM Network	getkirby	kirby	panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.	CWE-74 Injection	CVE-2018-16627	2024-11-21 12:53	2018-12-21	Show	GitHub Exploit DB Packet Storm

246236	5.5	MEDIUM Local	fedoraproject	sssd	sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user di…	CWE-200 Information Exposure	CVE-2018-16883	2024-11-21 12:53	2018-12-19	Show	GitHub Exploit DB Packet Storm

246237	8.0	HIGH Adjacent	linux redhat debian canonical	linux_kernel enterprise_linux enterprise_mrg debian_linux ubuntu_linux	A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-af…	-	CVE-2018-16884	2024-11-21 12:53	2018-12-19	Show	GitHub Exploit DB Packet Storm

246238	7.5	HIGH Adjacent	swisscom	internet-box_standard_firmware internet-box_light_firmware internet-box_plus_firmware internet-box_2_firmware	A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows rem…	CWE-787 Out-of-bounds Write	CVE-2018-16596	2024-11-21 12:53	2018-12-18	Show	GitHub Exploit DB Packet Storm

246239	7.5	HIGH Network	golang opensuse	go leap	The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs …	CWE-295 Improper Certificate Validation	CVE-2018-16875	2024-11-21 12:53	2018-12-14	Show	GitHub Exploit DB Packet Storm

246240	8.1	HIGH Network	golang opensuse suse debian	go leap linux_enterprise_server backports_sle debian_linux	In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both …	-	CVE-2018-16874	2024-11-21 12:53	2018-12-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed