Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259061	6.8	警告	マイクロソフト	-	Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0485	2010-07-1 16:20	2010-06-8	Show	GitHub Exploit DB Packet Storm

259062	6.8	警告	マイクロソフト	-	Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0484	2010-07-1 16:20	2010-06-8	Show	GitHub Exploit DB Packet Storm

259063	4.3	警告	マイクロソフト	-	Microsoft SharePoint Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0817	2010-07-1 16:02	2010-04-29	Show	GitHub Exploit DB Packet Storm

259064	9.3	危険	マイクロソフト	-	Microsoft Windows の Microsoft Data Analyzer ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0252	2010-07-1 16:02	2010-02-9	Show	GitHub Exploit DB Packet Storm

259065	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0255	2010-07-1 16:01	2010-02-3	Show	GitHub Exploit DB Packet Storm

259066	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1262	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

259067	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1259	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

259068	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1261	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

259069	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1260	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

259070	4.3	警告	マイクロソフト	-	複数の Microsoft 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1257	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246991	7.8	HIGH Local	mgetty_project	mgetty	An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because…	CWE-78 NVD-CWE-noinfo OS Command	CVE-2018-16744	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246992	7.8	HIGH Local	mgetty_project	mgetty	An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.	CWE-787 Out-of-bounds Write	CVE-2018-16743	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246993	7.8	HIGH Local	mgetty_project	mgetty	An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.	CWE-787 Out-of-bounds Write	CVE-2018-16742	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246994	7.8	HIGH Local	mgetty_project debian	mgetty debian_linux	An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use th…	CWE-78 OS Command	CVE-2018-16741	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246995	7.2	HIGH Network	squashtest	squash_tm	Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code.	CWE-522 Insufficiently Protected Credentials	CVE-2018-16987	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246996	7.5	HIGH Network	lizard_project	lizard	In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a …	CWE-125 Out-of-bounds Read	CVE-2018-16985	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

246997	9.8	CRITICAL Network	noscript torproject	noscript tor_browser	NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the text/html;/json Content-Type value.	NVD-CWE-noinfo	CVE-2018-16983	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

246998	5.5	MEDIUM Local	byvoid	open_chinese_convert	Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffs…	CWE-125 Out-of-bounds Read	CVE-2018-16982	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

246999	8.8	HIGH Network	nothings debian	stb_image.h debian_linux	stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.	CWE-787 Out-of-bounds Write	CVE-2018-16981	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

247000	6.1	MEDIUM Network	dotcms	dotcms	dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/image_tools/index.jsp fieldName and inode parameters.	CWE-79 Cross-site Scripting	CVE-2018-16980	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed