Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257111	9.3	危険	サン・マイクロシステムズサイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla NSS の正規表現の解析における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2404	2011-05-9 11:11	2009-08-1	Show	GitHub Exploit DB Packet Storm

257112	7.5	危険	アップルサイバートラスト株式会社 xmlsoft.org レッドハットオラクル	-	libxslt の pattern.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1767	2011-05-9 11:07	2008-05-21	Show	GitHub Exploit DB Packet Storm

257113	9.3	危険	レッドハット GNOME Project オラクル	-	Evolution の iCalendar 添付ファイルの処理に関するヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1109	2011-05-9 11:04	2008-06-4	Show	GitHub Exploit DB Packet Storm

257114	7.6	危険	レッドハット GNOME Project オラクル	-	Evolution のタイムゾーン処理に関するバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1108	2011-05-9 10:51	2008-06-4	Show	GitHub Exploit DB Packet Storm

257115	2.6	注意	レッドハットオラクル	-	gedit の不正なファイル名の処理によるフォーマットストリングの脆弱性	-	CVE-2005-1686	2011-05-9 10:49	2005-05-24	Show	GitHub Exploit DB Packet Storm

257116	7.8	危険	シスコシステムズ	-	Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4683	2011-05-9 10:22	2011-01-7	Show	GitHub Exploit DB Packet Storm

257117	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1234	2011-05-6 11:28	2011-04-12	Show	GitHub Exploit DB Packet Storm

257118	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0675	2011-05-6 11:27	2011-04-12	Show	GitHub Exploit DB Packet Storm

257119	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0674	2011-05-6 11:27	2011-04-12	Show	GitHub Exploit DB Packet Storm

257120	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0672	2011-05-6 11:26	2011-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246161	9.8	CRITICAL Network	orange	airbox_firmware	goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.	CWE-330 Use of Insufficiently Random Values	CVE-2018-18375	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246162	5.4	MEDIUM Network	metinfo	metinfo	XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.	CWE-79 Cross-site Scripting	CVE-2018-18374	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246163	6.1	MEDIUM Network	tuzitio	camaleon_cms	In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false. NOTE: …	CWE-79 Cross-site Scripting	CVE-2018-18260	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246164	6.1	MEDIUM Network	luya	luya_cms	Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page.	CWE-79 Cross-site Scripting	CVE-2018-18259	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246165	7.8	HIGH Local	nomachine	nomachine	NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where…	CWE-426 Untrusted Search Path	CVE-2018-17980	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246166	6.3	MEDIUM Local	artifex debian canonical redhat	ghostscript debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterprise_linux_server_eus ent…	Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.	CWE-200 Information Exposure	CVE-2018-18073	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246167	8.6	HIGH Local	artifex debian canonical redhat	ghostscript debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterprise_linux_server_eus ent…	Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2…	CWE-209 Information Exposure Through an Error Message	CVE-2018-17961	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246168	6.1	MEDIUM Network	nconsulting	nc-cms	An issue was discovered in nc-cms through 2017-03-10. index.php?action=edit_html allows XSS via the name parameter, as demonstrated by a value beginning with home_content and containing a crafted SRC…	CWE-79 Cross-site Scripting	CVE-2018-18361	2024-11-21 12:55	2018-10-16	Show	GitHub Exploit DB Packet Storm

246169	6.1	MEDIUM Network	control-webpanel	webpanel	CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_res…	CWE-79 Cross-site Scripting	CVE-2018-18324	2024-11-21 12:55	2018-10-15	Show	GitHub Exploit DB Packet Storm

246170	7.5	HIGH Network	control-webpanel	webpanel	CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.	CWE-22 Path Traversal	CVE-2018-18323	2024-11-21 12:55	2018-10-15	Show	GitHub Exploit DB Packet Storm