Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258011	6.5	警告	オラクル	-	Oracle Database の JavaVM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0866	2010-05-12 15:17	2010-04-13	Show	GitHub Exploit DB Packet Storm

258012	7.1	危険	オラクル	-	Oracle Database の Core RDBMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0860	2010-05-12 15:16	2010-04-13	Show	GitHub Exploit DB Packet Storm

258013	7.5	危険	オラクル	-	複数の Oracle 製品の Oracle Internet Directory コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0853	2010-05-12 15:16	2010-04-13	Show	GitHub Exploit DB Packet Storm

258014	2.6	注意	シックス・アパート株式会社	-	Movable Type におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1985	2010-05-12 12:01	2010-05-12	Show	GitHub Exploit DB Packet Storm

258015	10	危険	日立	-	複数の EUR Form 製品および EUR 製品における任意のコードが実行される脆弱性	CWE-noinfo 情報不足	-	2010-05-11 15:16	2010-03-31	Show	GitHub Exploit DB Packet Storm

258016	6.4	警告	マイクロソフト	-	Microsoft Windows における ISATAP パケットの処理に関する IPv4 ソースアドレスの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0812	2010-05-11 15:16	2010-04-13	Show	GitHub Exploit DB Packet Storm

258017	7.6	危険	マイクロソフト	-	Microsoft Office Visio における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0256	2010-05-11 15:16	2010-04-13	Show	GitHub Exploit DB Packet Storm

258018	7.6	危険	マイクロソフト	-	Microsoft Office Visio における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0254	2010-05-11 15:15	2010-04-13	Show	GitHub Exploit DB Packet Storm

258019	5	警告	マイクロソフト	-	Microsoft Windows の SMTP コンポーネントにおける情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2010-0025	2010-05-11 15:15	2010-04-13	Show	GitHub Exploit DB Packet Storm

258020	5	警告	マイクロソフト	-	Microsoft Windows の SMTP コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0024	2010-05-11 15:15	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249481	7.5	HIGH Network	matrix	synapse	Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/me…	CWE-20 Improper Input Validation	CVE-2018-10657	2024-11-21 12:41	2018-05-3	Show	GitHub Exploit DB Packet Storm

249482	7.2	HIGH Network	combodo	itop	Command injection vulnerability in Combodo iTop 2.4.1 allows remote authenticated administrators to execute arbitrary commands by changing the platform configuration, because web/env-production/itop-…	CWE-94 Code Injection	CVE-2018-10642	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249483	9.8	CRITICAL Network	meross	mss110_firmware	Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface.	CWE-287 Improper Authentication	CVE-2018-10544	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249484	8.8	HIGH Network	hrsale_project	hrsale	A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.	CWE-20 Improper Input Validation	CVE-2018-10260	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249485	7.8	HIGH Local	safervpn	safervpn	SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. The "SaferVPN.Service" service executes "openvpn.exe" using OpenVPN config files…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-10647	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249486	7.8	HIGH Local	cyberghostvpn	cyberghost	CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary ins…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-10646	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249487	7.8	HIGH Local	goldenfrog	vyprvpn	Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applic…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-10645	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249488	5.4	MEDIUM Network	hrsale_project	hrsale	An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.	CWE-79 Cross-site Scripting	CVE-2018-10259	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249489	8.8	HIGH Network	codeslab	shopy_point_of_sale	A CSV Injection vulnerability was discovered in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to po…	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2018-10258	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

249490	8.8	HIGH Local	hrsale_project	hrsale	A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading…	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2018-10257	2024-11-21 12:41	2018-05-2	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed