Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
260221 4.3 警告 トランスウエア - Active! mail 6 における HTTP ヘッダインジェクションの脆弱性 CWE-20
不適切な入力確認
CVE-2010-3913 2010-10-29 16:01 2010-10-29 Show GitHub Exploit DB Packet Storm
260222 6.8 警告 Schezo - Lhaplus における実行ファイル読み込みに関する脆弱性 CWE-Other
その他
CVE-2010-3158 2010-10-28 16:55 2010-10-15 Show GitHub Exploit DB Packet Storm
260223 7.6 危険 マイクロソフト - 複数の Microsoft 製品の Comctl32.dll におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-2746 2010-10-28 16:35 2010-10-12 Show GitHub Exploit DB Packet Storm
260224 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3240 2010-10-28 16:35 2010-10-12 Show GitHub Exploit DB Packet Storm
260225 9.3 危険 マイクロソフト - Microsoft Excel および Microsoft Office における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3238 2010-10-28 16:34 2010-10-12 Show GitHub Exploit DB Packet Storm
260226 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3236 2010-10-28 16:34 2010-10-12 Show GitHub Exploit DB Packet Storm
260227 9.3 危険 マイクロソフト - Microsoft Excel における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3233 2010-10-28 16:34 2010-10-12 Show GitHub Exploit DB Packet Storm
260228 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3232 2010-10-28 16:33 2010-10-12 Show GitHub Exploit DB Packet Storm
260229 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3242 2010-10-28 16:33 2010-10-12 Show GitHub Exploit DB Packet Storm
260230 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3241 2010-10-28 16:33 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247811 4.8 MEDIUM
Network
phome empirecms admin\db\DoSql.php in EmpireCMS through 7.5 allows XSS via crafted SQL syntax to admin/admin.php. CWE-79
Cross-site Scripting
CVE-2018-19461 2024-11-21 12:57 2019-06-8 Show GitHub Exploit DB Packet Storm
247812 7.8 HIGH
Local
foxitsoftware foxit_pdf_sdk_activex A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can le… CWE-416
 Use After Free
CVE-2018-19452 2024-11-21 12:57 2019-06-8 Show GitHub Exploit DB Packet Storm
247813 7.8 HIGH
Local
foxitsoftware foxit_pdf_sdk_activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. An attacker can leverage this to gain r… CWE-77
Command Injection
CVE-2018-19451 2024-11-21 12:57 2019-06-8 Show GitHub Exploit DB Packet Storm
247814 6.1 MEDIUM
Network
mycolorway simditor Simditor through 2.3.21 allows DOM XSS via an onload attribute within a malformed SVG element. CWE-79
Cross-site Scripting
CVE-2018-19048 2024-11-21 12:57 2019-05-13 Show GitHub Exploit DB Packet Storm
247815 7.5 HIGH
Network
virginmedia hub_3.0_firmware On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable t… CWE-400
 Uncontrolled Resource Consumption
CVE-2018-19037 2024-11-21 12:57 2019-05-13 Show GitHub Exploit DB Packet Storm
247816 7.5 HIGH
Network
wplaunchpad
opensuse
wpbackupplus
leap
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. CWE-200
Information Exposure
CVE-2018-19456 2024-11-21 12:57 2019-05-8 Show GitHub Exploit DB Packet Storm
247817 7.0 HIGH
Local
zohocorp manageengine_admanager_plus Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory. CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2018-19374 2024-11-21 12:57 2019-05-1 Show GitHub Exploit DB Packet Storm
247818 8.8 HIGH
Network
gitlab gitlab GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control. NVD-CWE-noinfo
CVE-2018-19359 2024-11-21 12:57 2019-04-26 Show GitHub Exploit DB Packet Storm
247819 9.8 CRITICAL
Network
neatorobotics botvac_connected_firmware A Buffer Overflow in Network::AuthenticationClient::VerifySignature in /bin/astro in Neato Botvac Connected 2.2.0 allows a remote attacker to execute arbitrary code with root privileges via a crafted… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-19442 2024-11-21 12:57 2019-04-26 Show GitHub Exploit DB Packet Storm
247820 6.1 MEDIUM
Network
mybb mybb A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the 'upsetting[bburl]' parameter. CWE-79
Cross-site Scripting
CVE-2018-19202 2024-11-21 12:57 2019-04-12 Show GitHub Exploit DB Packet Storm