Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
260261 7.5 危険 Heartlogic - HL-SiteManager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1331 2010-04-2 15:02 2010-04-2 Show GitHub Exploit DB Packet Storm
260262 9.3 危険 Mozilla Foundation - Mozilla Firefox の Web Open Fonts Format デコーダ における整数オーバーフローの脆弱性 CWE-noinfo
情報不足 		CVE-2010-1028 2010-04-2 14:05 2010-03-19 Show GitHub Exploit DB Packet Storm
260263 5 警告 富士通
アクセラテクノロジ		 - Accela BizSearch のローカル収集におけるアクセス権限に関する脆弱性 CWE-200
情報漏えい 		- 2010-04-2 14:05 2010-03-10 Show GitHub Exploit DB Packet Storm
260264 1.9 注意 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel における SCSI ホストの属性に任意の変更を加えられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3556 2010-04-2 14:02 2010-01-19 Show GitHub Exploit DB Packet Storm
260265 10 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の e1000e ドライバにおけるイーサネットフレームの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2009-4538 2010-04-2 14:02 2010-01-12 Show GitHub Exploit DB Packet Storm
260266 6.6 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の poll_mode_io ファイルにおけるドライバの I/O モードを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3939 2010-04-2 14:00 2009-11-16 Show GitHub Exploit DB Packet Storm
260267 6.6 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel におけるドライバの動作およびログレベルを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3889 2010-04-2 14:00 2009-11-16 Show GitHub Exploit DB Packet Storm
260268 7.8 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の hfs サブシステムにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4020 2010-04-2 13:59 2009-12-4 Show GitHub Exploit DB Packet Storm
260269 4.7 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の drivers/firewire/ohci.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-4138 2010-04-2 13:58 2009-12-16 Show GitHub Exploit DB Packet Storm
260270 4.9 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の fuse_direct_io 関数におけるサービス運用妨害 (DoS)の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-4021 2010-04-2 13:58 2009-11-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
245571 9.8 CRITICAL
Network 		sharing-file easy_file_sharing_web_server An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topi… CWE-787
 Out-of-bounds Write 		CVE-2018-18912 2024-11-21 12:56 2019-05-14 Show GitHub Exploit DB Packet Storm
245572 5.4 MEDIUM
Network 		kieranoshea calendar The Kieran O'Shea Calendar plugin before 1.3.11 for WordPress has Stored XSS via the event_title parameter in a wp-admin/admin.php?page=calendar add action, or the category name during category creat… CWE-79
Cross-site Scripting 		CVE-2018-18872 2024-11-21 12:56 2019-05-13 Show GitHub Exploit DB Packet Storm
245573 6.1 MEDIUM
Network 		evernote evernote Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject Node.js code under Present mode. After a victim opens an affected note unde… CWE-79
Cross-site Scripting 		CVE-2018-18524 2024-11-21 12:56 2019-05-13 Show GitHub Exploit DB Packet Storm
245574 6.4 MEDIUM
Physics 		espressif esp-idf An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker … CWE-20
 Improper Input Validation  		CVE-2018-18558 2024-11-21 12:56 2019-05-13 Show GitHub Exploit DB Packet Storm
245575 7.4 HIGH
Network 		ascensia contour_diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded encryption key. Extraction of the encryption key is necessary for deciphe… CWE-798
 Use of Hard-coded Credentials 		CVE-2018-18978 2024-11-21 12:56 2019-05-7 Show GitHub Exploit DB Packet Storm
245576 7.5 HIGH
Network 		ascensia contour_diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. An attacker may reverse engineer the codebase to extract sensitive data that contributes to the dis… CWE-200
Information Exposure 		CVE-2018-18977 2024-11-21 12:56 2019-05-7 Show GitHub Exploit DB Packet Storm
245577 5.3 MEDIUM
Network 		ascensia contour_diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before 2019-01-15. An attacker may retrieve encrypted medical information of any user of the Ascensia cloud pl… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2018-18976 2024-11-21 12:56 2019-05-7 Show GitHub Exploit DB Packet Storm
245578 7.5 HIGH
Network 		ascensia contour_diabetes An issue was discovered in the Ascensia Contour NEXT ONE app for iOS before 2019-01-15. An attacker may proxy communications between the app and Ascensia backend servers because of a weak certificate… CWE-200
Information Exposure 		CVE-2018-18975 2024-11-21 12:56 2019-05-7 Show GitHub Exploit DB Packet Storm
245579 7.4 HIGH
Network 		ascensia contour_diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded initialization vector. Extraction of the initialization vector is necessa… CWE-798
 Use of Hard-coded Credentials 		CVE-2018-18979 2024-11-21 12:56 2019-05-7 Show GitHub Exploit DB Packet Storm
245580 7.5 HIGH
Network 		mozilla thunderbird A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last … CWE-476
 NULL Pointer Dereference 		CVE-2018-18513 2024-11-21 12:56 2019-04-27 Show GitHub Exploit DB Packet Storm