Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258281	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0536	2010-04-26 16:59	2010-03-31	Show	GitHub Exploit DB Packet Storm

258282	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0529	2010-04-26 16:59	2010-03-31	Show	GitHub Exploit DB Packet Storm

258283	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0528	2010-04-26 16:58	2010-03-31	Show	GitHub Exploit DB Packet Storm

258284	9.3	危険	アップル	-	Apple QuickTime における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0527	2010-04-26 16:58	2010-03-31	Show	GitHub Exploit DB Packet Storm

258285	5	警告	アップルサイバートラスト株式会社 Ruby-lang.org レッドハット	-	Ruby の BigDecimal ライブラリにおけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2009-1904	2010-04-26 16:46	2009-06-9	Show	GitHub Exploit DB Packet Storm

258286	6.9	警告	アップル Vim	-	Vim の Python インターフェースの src/if_python.c における信頼性のない検索パスの脆弱性	CWE-Other その他	CVE-2009-0316	2010-04-26 16:45	2009-01-28	Show	GitHub Exploit DB Packet Storm

258287	9.3	危険	アップルサイバートラスト株式会社 Vim レッドハット	-	Vim におけるエスケープ文字を適切に処理しないことに関する任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-4101	2010-04-26 16:45	2008-10-9	Show	GitHub Exploit DB Packet Storm

258288	9.3	危険	アップルサイバートラスト株式会社 Vim レッドハット	-	Vim における適切に入力をサニタイズしないことに関する任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-2712	2010-04-26 16:45	2008-10-9	Show	GitHub Exploit DB Packet Storm

258289	4.3	警告	VMware	-	VMware Server の WebAccess におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1193	2010-04-21 17:54	2010-03-29	Show	GitHub Exploit DB Packet Storm

258290	7.5	危険	VMware	-	複数の VMware 製品の WebAccess におけるリクエストの発信元を偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0686	2010-04-21 17:53	2010-03-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247811	9.8	CRITICAL Network	icanstudioz	firebase_push_notification_on_ios_\/_fcm_\+_advance_admin_panel	The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username…	CWE-89 SQL Injection	CVE-2018-13850	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247812	6.1	MEDIUM Network	instagram-clone_project	instagram-clone	edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.	CWE-79 Cross-site Scripting	CVE-2018-13849	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247813	7.5	HIGH Network	axiosys	bento4	An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-13848	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247814	7.5	HIGH Network	axiosys	bento4	An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-13847	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247815	9.8	CRITICAL Network	axiosys	bento4	An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-20…	CWE-125 Out-of-bounds Read	CVE-2018-13846	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247816	9.8	CRITICAL Network	htslib	htslib	An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c.	CWE-125 Out-of-bounds Read	CVE-2018-13845	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247817	7.5	HIGH Network	htslib	htslib	An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2018-13844	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247818	7.5	HIGH Network	htslib	htslib	An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that u…	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-13843	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247819	7.8	HIGH Local	cmft_project	cmft	An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFile function in image.cpp allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash)…	CWE-787 Out-of-bounds Write	CVE-2018-13833	2024-11-21 12:48	2018-07-11	Show	GitHub Exploit DB Packet Storm

247820	9.8	CRITICAL Network	symfony	twig	Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the res…	CWE-94 Code Injection	CVE-2018-13818	2024-11-21 12:48	2018-07-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed