Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
260071	5	警告	オラクル	-	Oracle Fusion Middleware の Oracle Internet Directory コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0872	2010-05-12 15:18	2010-04-13	Show	GitHub Exploit DB Packet Storm

260072	2.1	注意	オラクル	-	Oracle Database の Audit コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0854	2010-05-12 15:18	2010-04-13	Show	GitHub Exploit DB Packet Storm

260073	3.6	注意	オラクル	-	Oracle Database の Change Data Capture コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0870	2010-05-12 15:18	2010-04-13	Show	GitHub Exploit DB Packet Storm

260074	4	警告	オラクル	-	Oracle Database の XML DB コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0851	2010-05-12 15:17	2010-04-13	Show	GitHub Exploit DB Packet Storm

260075	4	警告	オラクル	-	Oracle Database の JavaVM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0867	2010-05-12 15:17	2010-04-13	Show	GitHub Exploit DB Packet Storm

260076	5.5	警告	オラクル	-	Oracle Database の XML DB コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0852	2010-05-12 15:17	2010-04-13	Show	GitHub Exploit DB Packet Storm

260077	6.5	警告	オラクル	-	Oracle Database の JavaVM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0866	2010-05-12 15:17	2010-04-13	Show	GitHub Exploit DB Packet Storm

260078	7.1	危険	オラクル	-	Oracle Database の Core RDBMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0860	2010-05-12 15:16	2010-04-13	Show	GitHub Exploit DB Packet Storm

260079	7.5	危険	オラクル	-	複数の Oracle 製品の Oracle Internet Directory コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0853	2010-05-12 15:16	2010-04-13	Show	GitHub Exploit DB Packet Storm

260080	2.6	注意	シックス・アパート株式会社	-	Movable Type におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1985	2010-05-12 12:01	2010-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
250171	7.8	HIGH Local	qualcomm	ipq4019_firmware ipq8064_firmware ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware qcs605_firmware sd_425_firmware s…	Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Indus…	CWE-190 Integer Overflow or Wraparound	CVE-2018-11925	2024-11-21 12:44	2019-05-25	Show	GitHub Exploit DB Packet Storm

250172	7.8	HIGH Local	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8996au_firmware qca6174a_firmware qca6574au_firmware qca9377_firmware qca9379_firmwa…	Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consu…	CWE-190 Integer Overflow or Wraparound	CVE-2018-11924	2024-11-21 12:44	2019-05-25	Show	GitHub Exploit DB Packet Storm

250173	7.8	HIGH Local	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8996au_firmware qca6574au_firmware qcs605_firmware sd_425_firmware sd_427_firmware	Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon In…	CWE-119 CWE-190 Incorrect Access of Indexable Resource ('Range Error') Integer Overflow or Wraparound	CVE-2018-11923	2024-11-21 12:44	2019-05-25	Show	GitHub Exploit DB Packet Storm

250174	5.4	MEDIUM Network	valvesoftware	steam_client	In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites.	CWE-20 Improper Input Validation	CVE-2018-12270	2024-11-21 12:44	2019-05-20	Show	GitHub Exploit DB Packet Storm

250175	6.1	MEDIUM Network	seagate	nas_os	Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via multiple application metadata fields: Short Description, Publisher Name, Publ…	CWE-79 Cross-site Scripting	CVE-2018-12304	2024-11-21 12:44	2019-05-13	Show	GitHub Exploit DB Packet Storm

250176	5.4	MEDIUM Network	seagate	nas_os	Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory names.	CWE-79 Cross-site Scripting	CVE-2018-12303	2024-11-21 12:44	2019-05-13	Show	GitHub Exploit DB Packet Storm

250177	6.1	MEDIUM Network	seagate	nas_os	Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.	CWE-79 Cross-site Scripting	CVE-2018-12302	2024-11-21 12:44	2019-05-13	Show	GitHub Exploit DB Packet Storm

250178	7.5	HIGH Network	seagate	nas_os	Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost.	CWE-200 Information Exposure	CVE-2018-12301	2024-11-21 12:44	2019-05-13	Show	GitHub Exploit DB Packet Storm

250179	6.1	MEDIUM Network	seagate	nas_os	Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.	CWE-601 Open Redirect	CVE-2018-12300	2024-11-21 12:44	2019-05-13	Show	GitHub Exploit DB Packet Storm

250180	5.4	MEDIUM Network	seagate	nas_os	Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names.	CWE-79 Cross-site Scripting	CVE-2018-12299	2024-11-21 12:44	2019-05-13	Show	GitHub Exploit DB Packet Storm