Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257131 7.5 危険 サン・マイクロシステムズ
GNOME Project
レッドハット		 - Evolution Data Server (別名 evolution-data-server) における複数の整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-0587 2010-05-14 18:37 2009-03-14 Show GitHub Exploit DB Packet Storm
257132 5.8 警告 サン・マイクロシステムズ
GNOME Project
レッドハット		 - Evolution Data Server (別名 evolution-data-server) の ntlm_challenge 関数におけるプロセスメモリ情報の漏洩またはサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2009-0582 2010-05-14 18:37 2009-03-14 Show GitHub Exploit DB Packet Storm
257133 1.2 注意 日本電気
サイバートラスト株式会社
サン・マイクロシステムズ
ターボリナックス
OpenSSL Project
レッドハット		 - RSA key reconstruction vulnerability - CVE-2007-3108 2010-05-14 18:37 2007-08-16 Show GitHub Exploit DB Packet Storm
257134 5 警告 ヒューレット・パッカード
サイバートラスト株式会社
OpenSSL Project
ターボリナックス
レッドハット		 - OpenSSL の zlib_stateful_finish 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-4355 2010-05-13 17:21 2010-01-13 Show GitHub Exploit DB Packet Storm
257135 9.3 危険 日立 - XMAP3 における任意のコードが実行される脆弱性 CWE-noinfo
情報不足 		- 2010-05-13 15:14 2010-04-12 Show GitHub Exploit DB Packet Storm
257136 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Plan In-Season コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0863 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
257137 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Place In-Season コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0864 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
257138 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0862 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
257139 4.3 警告 オラクル - Oracle Industry Product Suite の Life Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0875 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
257140 4.3 警告 オラクル - Oracle Industry Product Suite の Life Sciences - Oracle Clinical Remote Data Capture Option コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0876 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246911 4.7 MEDIUM
Local 		openbsd libressl LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attack… CWE-200
Information Exposure 		CVE-2018-12434 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246912 4.9 MEDIUM
Physics 		cryptlib cryptlib cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to eit… CWE-200
CWE-320
Information Exposure
 Key Management Errors 		CVE-2018-12433 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246913 6.1 MEDIUM
Network 		javamelody_project javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. CWE-79
Cross-site Scripting 		CVE-2018-12432 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246914 4.8 MEDIUM
Network 		seacms seacms SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). CWE-79
Cross-site Scripting 		CVE-2018-12431 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246915 9.8 CRITICAL
Network 		simple_password_store_project simple_password_store An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, … CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2018-12356 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246916 7.5 HIGH
Network 		matrix synapse In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force. NVD-CWE-noinfo
CVE-2018-12423 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246917 7.5 HIGH
Network 		icehrm icehrm IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2018-12420 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246918 9.8 CRITICAL
Network 		ltb-project ldap_tool_box_self_service_password LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishan… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2018-12421 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246919 5.5 MEDIUM
Local 		junrar_project junrar Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2018-12418 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
246920 6.1 MEDIUM
Network 		eng knowage Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description field to the "Olap Schemas' Catalogue" catalogue. CWE-79
Cross-site Scripting 		CVE-2018-12355 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm