Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258561	4	警告	富士通九州システムズ	-	e-Pares におけるセッション固定の脆弱性	CWE-Other その他	CVE-2010-2149	2010-06-2 15:05	2010-06-2	Show	GitHub Exploit DB Packet Storm

258562	2.6	注意	富士通九州システムズ	-	e-Pares におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-2151	2010-06-2 15:04	2010-06-2	Show	GitHub Exploit DB Packet Storm

258563	4.3	警告	富士通九州システムズ	-	e-Pares におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2150	2010-06-2 15:02	2010-06-2	Show	GitHub Exploit DB Packet Storm

258564	2.1	注意	アドビシステムズ	-	Adobe ColdFusion における重要な情報を取得される脆弱性	CWE-200 CWE-noinfo	CVE-2010-1294	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

258565	4.3	警告	アドビシステムズ	-	Adobe ColdFusion の Administrator ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1293	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

258566	4.3	警告	アドビシステムズ	-	Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3467	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

258567	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の pami RIFF chunk 構文解析における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1292	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

258568	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1291	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

258569	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1290	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

258570	9.3	危険	ジャストシステム	-	一太郎シリーズにおける任意のコードが実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-2152	2010-06-1 16:01	2010-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248961	8.8	HIGH Network	ocsinventory-ng	ocsinventory_ng	OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string …	CWE-78 OS Command	CVE-2018-12483	2024-11-21 12:45	2018-08-4	Show	GitHub Exploit DB Packet Storm

248962	8.8	HIGH Network	ocsinventory-ng	ocsinventory_ng	OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.	CWE-89 SQL Injection	CVE-2018-12482	2024-11-21 12:45	2018-08-4	Show	GitHub Exploit DB Packet Storm

248963	5.4	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The charts feature contained a persistent XSS issue due to a la…	CWE-79 Cross-site Scripting	CVE-2018-12607	2024-11-21 12:45	2018-08-4	Show	GitHub Exploit DB Packet Storm

248964	5.4	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The wiki contains a persistent XSS issue due to a lack of outpu…	CWE-79 Cross-site Scripting	CVE-2018-12606	2024-11-21 12:45	2018-08-4	Show	GitHub Exploit DB Packet Storm

248965	5.4	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter.	CWE-79 Cross-site Scripting	CVE-2018-12605	2024-11-21 12:45	2018-08-4	Show	GitHub Exploit DB Packet Storm

248966	5.3	MEDIUM Network	navercorp	whale	Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious we…	CWE-20 Improper Input Validation	CVE-2018-12448	2024-11-21 12:45	2018-08-2	Show	GitHub Exploit DB Packet Storm

248967	7.2	HIGH Network	microfocus	groupwise	A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on th…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2018-12468	2024-11-21 12:45	2018-08-2	Show	GitHub Exploit DB Packet Storm

248968	6.5	MEDIUM Network	opensuse	open_build_service	Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-12467	2024-11-21 12:45	2018-08-2	Show	GitHub Exploit DB Packet Storm

248969	6.5	MEDIUM Network	opensuse	open_build_service	openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-12466	2024-11-21 12:45	2018-08-2	Show	GitHub Exploit DB Packet Storm

248970	9.8	CRITICAL Network	adobe	acrobat_dc acrobat_reader_dc	Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arb…	CWE-416 Use After Free	CVE-2018-12815	2024-11-21 12:45	2018-07-21	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed