Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258761	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

258762	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

258763	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248011	9.8	CRITICAL Network	godoc	go_doc_dot_org	In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution.	CWE-22 Path Traversal	CVE-2018-12976	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248012	9.8	CRITICAL Network	gnome canonical debian redhat opensuse	libsoup ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server openshift_container_platform ansible_tower leap	The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.	CWE-125 Out-of-bounds Read	CVE-2018-12910	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248013	8.1	HIGH Network	ffmpeg	ffmpeg	In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a…	CWE-125 Out-of-bounds Read	CVE-2018-13305	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248014	6.5	MEDIUM Network	ffmpeg	ffmpeg	In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted A…	CWE-617 Reachable Assertion	CVE-2018-13304	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248015	6.5	MEDIUM Network	ffmpeg	ffmpeg	In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a…	CWE-476 NULL Pointer Dereference	CVE-2018-13303	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248016	8.8	HIGH Network	ffmpeg debian	ffmpeg debian_linux	In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an…	CWE-129 Improper Validation of Array Index	CVE-2018-13302	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248017	6.5	MEDIUM Network	ffmpeg	ffmpeg	In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while co…	CWE-476 NULL Pointer Dereference	CVE-2018-13301	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248018	8.1	HIGH Network	ffmpeg debian	ffmpeg debian_linux	In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read whi…	CWE-125 Out-of-bounds Read	CVE-2018-13300	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248019	6.1	MEDIUM Network	entrustdatacard	syntera_customization_suite	Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page.	CWE-79 Cross-site Scripting	CVE-2018-13252	2024-11-21 12:46	2018-07-6	Show	GitHub Exploit DB Packet Storm

248020	6.5	MEDIUM Network	libming	libming	In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerab…	CWE-400 Uncontrolled Resource Consumption	CVE-2018-13251	2024-11-21 12:46	2018-07-5	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed