Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258001 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3216 2010-10-26 15:35 2010-10-12 Show GitHub Exploit DB Packet Storm
258002 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3215 2010-10-26 15:34 2010-10-12 Show GitHub Exploit DB Packet Storm
258003 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2750 2010-10-26 15:33 2010-10-12 Show GitHub Exploit DB Packet Storm
258004 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2748 2010-10-26 15:33 2010-10-12 Show GitHub Exploit DB Packet Storm
258005 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2747 2010-10-26 15:32 2010-10-12 Show GitHub Exploit DB Packet Storm
258006 7.2 危険 マイクロソフト - 複数の Microsoft 製品の OpenType Font フォーマットドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2741 2010-10-26 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
258007 7.2 危険 マイクロソフト - 複数の Microsoft 製品の OpenType Font フォーマットドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2740 2010-10-26 15:29 2010-10-12 Show GitHub Exploit DB Packet Storm
258008 7.2 危険 マイクロソフト - 複数の Microsoft 製品のカーネルモードドライバにおける権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2744 2010-10-26 15:28 2010-10-12 Show GitHub Exploit DB Packet Storm
258009 4.9 警告 マイクロソフト - 複数の Microsoft 製品のカーネルモードドライバにおける権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2549 2010-10-26 15:28 2010-10-12 Show GitHub Exploit DB Packet Storm
258010 6.5 警告 IBM - Linux 上で稼働する IBM DB2 におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0462 2010-10-26 15:24 2010-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
250281 8.8 HIGH
Adjacent 		vgate icar_2_wi-fi_obd2_firmware An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be u… CWE-287
Improper Authentication 		CVE-2018-11478 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
250282 3.3 LOW
Local 		amazon echo_show_firmware
echo_plus_firmware
echo_dot_firmware
echo_spot_firmware
echo_firmware 		Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds… CWE-384
 Session Fixation 		CVE-2018-11567 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
250283 6.5 MEDIUM
Adjacent 		vgate icar_2_wi-fi_obd2_firmware An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this … CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2018-11477 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
250284 8.8 HIGH
Adjacent 		vgate icar_2_wi-fi_obd2_firmware An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the… CWE-306
Missing Authentication for Critical Function 		CVE-2018-11476 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
250285 6.1 MEDIUM
Network 		misp misp An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the dele… CWE-79
Cross-site Scripting 		CVE-2018-11562 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
250286 6.5 MEDIUM
Network 		taglib
debian 		taglib
debian_linux 		The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. CWE-125
Out-of-bounds Read 		CVE-2018-11439 2024-11-21 12:43 2018-05-30 Show GitHub Exploit DB Packet Storm
250287 8.8 HIGH
Network 		libmobi_project libmobi The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution (heap-based buffer overflow) via a crafted mobi file. CWE-787
 Out-of-bounds Write 		CVE-2018-11438 2024-11-21 12:43 2018-05-30 Show GitHub Exploit DB Packet Storm
250288 6.5 MEDIUM
Network 		libmobi_project libmobi The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. CWE-200
Information Exposure 		CVE-2018-11437 2024-11-21 12:43 2018-05-30 Show GitHub Exploit DB Packet Storm
250289 6.5 MEDIUM
Network 		libmobi_project libmobi The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. CWE-125
Out-of-bounds Read 		CVE-2018-11436 2024-11-21 12:43 2018-05-30 Show GitHub Exploit DB Packet Storm
250290 8.1 HIGH
Network 		hcltech legacy_ivr_firmware A vulnerability allows a phreaking attack on HCL legacy IVR systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and … CWE-20
 Improper Input Validation  		CVE-2018-11518 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm