Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
260241 9.3 危険 マイクロソフト - Microsoft Word におけるヒープベースのバッファオーバーフローの脆弱性 CWE-94
コード・インジェクション
CVE-2010-3218 2010-10-27 15:14 2010-10-12 Show GitHub Exploit DB Packet Storm
260242 9.3 危険 マイクロソフト - Microsoft Word における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-3217 2010-10-27 15:14 2010-10-12 Show GitHub Exploit DB Packet Storm
260243 5 警告 レッドハット
Pidgin
Adium
オラクル
- Pidgin および Adium の MSN プロトコルプラグインにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2010-0277 2010-10-27 14:33 2010-01-9 Show GitHub Exploit DB Packet Storm
260244 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-3216 2010-10-26 15:35 2010-10-12 Show GitHub Exploit DB Packet Storm
260245 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-3215 2010-10-26 15:34 2010-10-12 Show GitHub Exploit DB Packet Storm
260246 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-2750 2010-10-26 15:33 2010-10-12 Show GitHub Exploit DB Packet Storm
260247 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-2748 2010-10-26 15:33 2010-10-12 Show GitHub Exploit DB Packet Storm
260248 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-2747 2010-10-26 15:32 2010-10-12 Show GitHub Exploit DB Packet Storm
260249 7.2 危険 マイクロソフト - 複数の Microsoft 製品の OpenType Font フォーマットドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-2741 2010-10-26 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
260250 7.2 危険 マイクロソフト - 複数の Microsoft 製品の OpenType Font フォーマットドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-2740 2010-10-26 15:29 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252321 9.8 CRITICAL
Network
debian
gpac
canonical
debian_linux
gpac
ubuntu_linux
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. CWE-125
Out-of-bounds Read
CVE-2018-13005 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252322 6.1 MEDIUM
Network
opentsdb opentsdb An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI. CWE-79
Cross-site Scripting
CVE-2018-13003 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252323 6.1 MEDIUM
Network
sandoba cp\ An XSS issue was discovered in Sandoba CP:Shop v2016.1. The vulnerability is located in the `admin.php` file of the `./cpshop/` module. Remote attackers are able to inject their own script codes to t… CWE-79
Cross-site Scripting
CVE-2018-13001 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252324 7.5 HIGH
Network
zohocorp manageengine_desktop_central Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine Desktop Central 10.0.255 allows attackers to delete certain files on the web server without login by sending a specially crafted … CWE-20
 Improper Input Validation 
CVE-2018-12999 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252325 6.1 MEDIUM
Network
zohocorp manageengine_applications_manager A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager before 13 (Build 13800) allows remote attackers to inject arbitrary web script or HTML via the parameter… CWE-79
Cross-site Scripting
CVE-2018-12996 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252326 4.8 MEDIUM
Network
weblication cms_core_\&_grid An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core & Grid v12.6.24. The vulnerability is located in the `wFilemanager.php` and `index.php` files of the `/grid5/scripts/` modules. … CWE-79
Cross-site Scripting
CVE-2018-13002 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252327 4.8 MEDIUM
Network
anelectron advanced_electron_forum An XSS issue was discovered in Advanced Electron Forum (AEF) v1.0.9. A persistent XSS vulnerability is located in the `FTP Link` element of the `Private Message` module. The editor of the private mes… CWE-79
Cross-site Scripting
CVE-2018-13000 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252328 6.1 MEDIUM
Network
zohocorp manageengine_netflow_analyzer
firewall_analyzer
manageengine_opmanager
manageengine_oputils
manageengine_network_configuration_manager
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUti… CWE-79
Cross-site Scripting
CVE-2018-12998 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252329 7.5 HIGH
Network
zohocorp manageengine_netflow_analyzer
firewall_analyzer
manageengine_opmanager
manageengine_oputils
manageengine_network_configuration_manager
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils … CWE-200
Information Exposure
CVE-2018-12997 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm
252330 8.8 HIGH
Network
onefilecms onefilecms onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen. CWE-94
Code Injection
CVE-2018-12995 2024-11-21 12:46 2018-06-29 Show GitHub Exploit DB Packet Storm