Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
257141 7.5 危険 Miniwork - Joomla! 用 Canteen コンポーネントの menu.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4977 2011-12-9 14:39 2011-11-1 Show GitHub Exploit DB Packet Storm
257142 4.3 警告 Nicholas Berry - CANDID の image/view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4978 2011-12-9 14:39 2011-11-1 Show GitHub Exploit DB Packet Storm
257143 7.5 危険 Nicholas Berry - CANDID の image/view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4979 2011-12-9 14:38 2011-11-1 Show GitHub Exploit DB Packet Storm
257144 7.5 危険 iScripts - iScripts ReserveLogic の packagedetails.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4980 2011-12-9 14:38 2011-11-1 Show GitHub Exploit DB Packet Storm
257145 7.5 危険 YourFreeWorld.com - YourFreeWorld Banner Management における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4981 2011-12-9 14:37 2011-11-1 Show GitHub Exploit DB Packet Storm
257146 7.5 危険 My Kazaam - My Kazaam Address & Contact Organizer における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4982 2011-12-9 14:36 2011-11-1 Show GitHub Exploit DB Packet Storm
257147 7.5 危険 iScripts - iScripts CyberMatch における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4983 2011-12-9 14:36 2011-11-1 Show GitHub Exploit DB Packet Storm
257148 7.5 危険 My Kazaam - My Kazaam Notes Management System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4984 2011-12-9 14:35 2011-11-1 Show GitHub Exploit DB Packet Storm
257149 4.3 警告 My Kazaam - My Kazaam Notes Management System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4985 2011-12-9 14:35 2011-11-1 Show GitHub Exploit DB Packet Storm
257150 7.5 危険 Cafuego - Simple Document Management System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4986 2011-12-9 14:34 2011-11-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253911 6.5 MEDIUM
Network
hdfgroup hdf5 A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. CWE-369
 Divide By Zero
CVE-2018-11203 2024-11-21 12:42 2018-05-17 Show GitHub Exploit DB Packet Storm
253912 6.5 MEDIUM
Network
hdfgroup hdf5 A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. CWE-476
 NULL Pointer Dereference
CVE-2018-11202 2024-11-21 12:42 2018-05-17 Show GitHub Exploit DB Packet Storm
253913 6.1 MEDIUM
Network
livezilla livezilla chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header. CWE-79
Cross-site Scripting
CVE-2018-10810 2024-11-21 12:42 2018-05-16 Show GitHub Exploit DB Packet Storm
253914 9.8 CRITICAL
Network
intelbras ncloud_300_firmware An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For examp… CWE-798
 Use of Hard-coded Credentials
CVE-2018-11094 2024-11-21 12:42 2018-05-16 Show GitHub Exploit DB Packet Storm
253915 6.5 MEDIUM
Network
e107 e107 e107 2.1.7 has CSRF resulting in arbitrary user deletion. CWE-352
 Origin Validation Error
CVE-2018-11127 2024-11-21 12:42 2018-05-16 Show GitHub Exploit DB Packet Storm
253916 8.8 HIGH
Network
doorgets doorgets dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account. CWE-352
 Origin Validation Error
CVE-2018-11126 2024-11-21 12:42 2018-05-16 Show GitHub Exploit DB Packet Storm
253917 6.1 MEDIUM
Network
3cx live_chat There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the "name" (aka wplc_name) and "email" (aka wplc_email) input fields to wp-json/wp_live_chat_su… CWE-79
Cross-site Scripting
CVE-2018-11105 2024-11-21 12:42 2018-05-16 Show GitHub Exploit DB Packet Storm
253918 5.3 MEDIUM
Adjacent
mimobaby mimo_baby_2_firmware Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the po… CWE-287
CWE-311
Improper Authentication
Missing Encryption of Sensitive Data
CVE-2018-10825 2024-11-21 12:42 2018-05-15 Show GitHub Exploit DB Packet Storm
253919 7.5 HIGH
Network
libav libav An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-11102 2024-11-21 12:42 2018-05-15 Show GitHub Exploit DB Packet Storm
253920 8.8 HIGH
Network
libming libming The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a … CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-11100 2024-11-21 12:42 2018-05-15 Show GitHub Exploit DB Packet Storm