Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259311	4	警告	Squid-cache.org サイバートラスト株式会社ターボリナックスレッドハット	-	Squid の lib/rfc1035.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0308	2010-04-27 15:20	2010-01-28	Show	GitHub Exploit DB Packet Storm

259312	6.8	警告	アップル	-	Apple Mac OS X の QuickDraw Manager におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2837	2010-04-27 15:20	2009-11-9	Show	GitHub Exploit DB Packet Storm

259313	5	警告	Squid-cache.org サイバートラスト株式会社ターボリナックスレッドハット	-	Squid の strListGetItem 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-2855	2010-04-27 15:19	2009-08-18	Show	GitHub Exploit DB Packet Storm

259314	4.3	警告	アップルサイバートラスト株式会社 LibTIFF サン・マイクロシステムズレッドハット	-	libtiff の LZWDecodeCompat 関数におけるバッファアンダーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2285	2010-04-27 15:19	2009-07-1	Show	GitHub Exploit DB Packet Storm

259315	4.3	警告	サイバートラスト株式会社レッドハット	-	Red Hat および MIRACLE LINUX の sendmail におけるメール送信元を偽装される脆弱性	-	CVE-2006-7176	2010-04-27 15:18	2007-03-27	Show	GitHub Exploit DB Packet Storm

259316	6.9	警告	アップル	-	Windows 上で稼働する Apple iTunes のインストールパッケージにおける権限昇格の脆弱性	CWE-362 競合状態	CVE-2010-0532	2010-04-26 16:59	2010-03-31	Show	GitHub Exploit DB Packet Storm

259317	4.3	警告	アップル	-	Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0531	2010-04-26 16:59	2010-03-31	Show	GitHub Exploit DB Packet Storm

259318	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0536	2010-04-26 16:59	2010-03-31	Show	GitHub Exploit DB Packet Storm

259319	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0529	2010-04-26 16:59	2010-03-31	Show	GitHub Exploit DB Packet Storm

259320	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0528	2010-04-26 16:58	2010-03-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246991	7.8	HIGH Local	mgetty_project	mgetty	An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because…	CWE-78 NVD-CWE-noinfo OS Command	CVE-2018-16744	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246992	7.8	HIGH Local	mgetty_project	mgetty	An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.	CWE-787 Out-of-bounds Write	CVE-2018-16743	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246993	7.8	HIGH Local	mgetty_project	mgetty	An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.	CWE-787 Out-of-bounds Write	CVE-2018-16742	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246994	7.8	HIGH Local	mgetty_project debian	mgetty debian_linux	An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use th…	CWE-78 OS Command	CVE-2018-16741	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246995	7.2	HIGH Network	squashtest	squash_tm	Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code.	CWE-522 Insufficiently Protected Credentials	CVE-2018-16987	2024-11-21 12:53	2018-09-14	Show	GitHub Exploit DB Packet Storm

246996	7.5	HIGH Network	lizard_project	lizard	In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a …	CWE-125 Out-of-bounds Read	CVE-2018-16985	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

246997	9.8	CRITICAL Network	noscript torproject	noscript tor_browser	NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the text/html;/json Content-Type value.	NVD-CWE-noinfo	CVE-2018-16983	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

246998	5.5	MEDIUM Local	byvoid	open_chinese_convert	Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffs…	CWE-125 Out-of-bounds Read	CVE-2018-16982	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

246999	8.8	HIGH Network	nothings debian	stb_image.h debian_linux	stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.	CWE-787 Out-of-bounds Write	CVE-2018-16981	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

247000	6.1	MEDIUM Network	dotcms	dotcms	dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/image_tools/index.jsp fieldName and inode parameters.	CWE-79 Cross-site Scripting	CVE-2018-16980	2024-11-21 12:53	2018-09-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed