Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257721	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

257722	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249251	7.0	HIGH Local	microsoft	windows_10 windows_server_2016	AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way constrained impersonatio…	CWE-269 Improper Privilege Management	CVE-2018-0821	2024-11-21 12:39	2018-02-15	Show	GitHub Exploit DB Packet Storm

249252	7.8	HIGH Local	microsoft	windows_rt_8.1 windows_server_2012 windows_server_2016 windows_7 windows_10 windows_8.1 windows_server_2008	The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Window…	NVD-CWE-noinfo	CVE-2018-0820	2024-11-21 12:39	2018-02-15	Show	GitHub Exploit DB Packet Storm

249253	4.4	MEDIUM Network	wondercms	wondercms	WonderCMS version 2.4.0 contains a Stored Cross-Site Scripting on File Upload through SVG vulnerability in uploadFileAction(), 'svg' => 'image/svg+xml' that can result in An attacker can execute arbi…	CWE-79 Cross-site Scripting	CVE-2018-1000062	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249254	9.8	CRITICAL Network	validformbuilder	validform_builder	ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose…	CWE-502 Deserialization of Untrusted Data	CVE-2018-1000059	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249255	4.3	MEDIUM Network	jenkins	credentials_binding	Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment…	CWE-522 Insufficiently Protected Credentials	CVE-2018-1000057	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249256	9.8	CRITICAL Network	sensu	sensu_core	Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensiti…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2018-1000060	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249257	8.8	HIGH Network	jenkins	pipeline_supporting_apis	Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented i…	CWE-502 Deserialization of Untrusted Data	CVE-2018-1000058	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249258	8.3	HIGH Network	jenkins	junit	Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the …	CWE-611 CWE-918 XXE Server-Side Request Forgery (SSRF)	CVE-2018-1000056	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249259	8.3	HIGH Network	jenkins	android_lint	Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets fro…	CWE-611 CWE-918 XXE Server-Side Request Forgery (SSRF)	CVE-2018-1000055	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

249260	8.3	HIGH Network	jenkins	ccm	Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jen…	CWE-611 CWE-918 XXE Server-Side Request Forgery (SSRF)	CVE-2018-1000054	2024-11-21 12:39	2018-02-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed