Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258511	7.8	危険	オラクル	-	Oracle Database Server の Listener コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0911	2010-08-2 19:30	2010-07-13	Show	GitHub Exploit DB Packet Storm

258512	5.5	警告	PostgreSQL.org サイバートラスト株式会社サン・マイクロシステムズレッドハット	-	PostgreSQL における任意のパラメータ設定を削除される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1975	2010-08-2 17:13	2010-05-19	Show	GitHub Exploit DB Packet Storm

258513	5	警告	MySQL AB	-	MySQL の mysql_uninstall_plugin 関数における任意のプラグインを削除される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1621	2010-08-2 17:13	2010-04-6	Show	GitHub Exploit DB Packet Storm

258514	3.5	注意	オラクル	-	Oracle Fusion Middleware の Application Server Control コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-2381	2010-07-30 17:43	2010-07-13	Show	GitHub Exploit DB Packet Storm

258515	3.5	注意	オラクル	-	Oracle Fusion Middleware の Application Server Control コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0081	2010-07-30 17:42	2010-07-13	Show	GitHub Exploit DB Packet Storm

258516	4.3	警告	オラクル	-	Oracle Fusion Middleware の Wireless コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0835	2010-07-30 17:42	2010-07-13	Show	GitHub Exploit DB Packet Storm

258517	6.4	警告	オラクル	-	Oracle Fusion Middleware の WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-2375	2010-07-30 17:42	2010-07-13	Show	GitHub Exploit DB Packet Storm

258518	9.3	危険	マイクロソフト	-	Microsoft Office Outlook における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0266	2010-07-30 17:42	2010-07-13	Show	GitHub Exploit DB Packet Storm

258519	9.3	危険	マイクロソフト	-	Microsoft Office Access の FieldList の ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1881	2010-07-30 17:41	2010-07-13	Show	GitHub Exploit DB Packet Storm

258520	9.3	危険	マイクロソフト	-	Microsoft Office Access の Microsoft Access Wizard Controls における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0814	2010-07-30 17:41	2010-07-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246141	9.8	CRITICAL Network	enalean	tuleap	An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2018-17298	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246142	7.5	HIGH Network	hutool	hutool	The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive.	CWE-22 Path Traversal	CVE-2018-17297	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246143	6.5	MEDIUM Network	liblouis canonical opensuse	liblouis ubuntu_linux leap	The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via o…	CWE-125 Out-of-bounds Read	CVE-2018-17294	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246144	8.8	HIGH Network	webassembly_virtual_machine_project	webassembly_virtual_machine	An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input…	CWE-476 NULL Pointer Dereference	CVE-2018-17293	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246145	6.5	MEDIUM Network	webassembly_virtual_machine_project	webassembly_virtual_machine	An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Deni…	CWE-125 Out-of-bounds Read	CVE-2018-17292	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246146	7.5	HIGH Network	zohocorp	manageengine_opmanager	Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged …	CWE-89 SQL Injection	CVE-2018-17283	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246147	6.5	MEDIUM Network	exiv2	exiv2	An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.	CWE-476 NULL Pointer Dereference	CVE-2018-17282	2024-11-21 12:54	2018-09-21	Show	GitHub Exploit DB Packet Storm

246148	9.8	CRITICAL Network	arkextensions	jck_editor	The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.	CWE-89 SQL Injection	CVE-2018-17254	2024-11-21 12:54	2018-09-20	Show	GitHub Exploit DB Packet Storm

246149	9.8	CRITICAL Network	zohocorp	manageengine_opmanager	Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection.	CWE-89 SQL Injection	CVE-2018-17243	2024-11-21 12:54	2018-09-20	Show	GitHub Exploit DB Packet Storm

246150	6.5	MEDIUM Network	hdfgroup	hdf5	A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection agai…	CWE-369 Divide By Zero	CVE-2018-17237	2024-11-21 12:54	2018-09-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed