Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2031	7.5	重要 Network	Julian Gruber (juliangruber)	brace-expansion	Julian Gruber (juliangruber)のbrace-expansionにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-45149	2026-06-5 10:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

2032	6.5	警告 Network	Nextcloud	Approval	NextcloudのApprovalにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-45275	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2033	3.3	低 Local	Nextcloud	Approval	NextcloudのApprovalにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2026-45277	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2034	6.1	警告 Network	Nextcloud	user oidc	Nextcloudのuser oidcにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-45278	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2035	6.5	警告 Network	Nextcloud	Nextcloud Server	NextcloudのNextcloud Serverにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-45279	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2036	8.1	重要 Network	Nextcloud	Nextcloud Server	NextcloudのNextcloud Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45281	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2037	6.5	警告 Network	Nextcloud	Nextcloud Server	NextcloudのNextcloud Serverにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-45282	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2038	4.3	警告 Network	Nextcloud	Nextcloud Server	NextcloudのNextcloud Serverにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-45283	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2039	8.8	重要 Network	Nextcloud	user oidc	Nextcloudのuser oidcにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-45284	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

2040	6.4	警告 Network	Nextcloud	Nextcloud Server	NextcloudのNextcloud Serverにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-45285	2026-06-5 10:46	2026-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
344471	-	hp	openview_network_node_manager	Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-1555	2018-10-11 04:57	2010-05-14	Show	GitHub Exploit DB Packet Storm

344472	-	mozilla	firefox seamonkey thunderbird	The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey b…	CWE-20 Improper Input Validation	CVE-2010-1585	2018-10-11 04:57	2010-04-29	Show	GitHub Exploit DB Packet Storm

344473	-	apache	activemq	The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/in…	CWE-20 Improper Input Validation	CVE-2010-1587	2018-10-11 04:57	2010-04-29	Show	GitHub Exploit DB Packet Storm

344474	-	silverstripe	silverstripe	Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, a…	CWE-79 Cross-site Scripting	CVE-2010-1593	2018-10-11 04:57	2010-04-29	Show	GitHub Exploit DB Packet Storm

344475	-	sap	netweaver	Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2010-1609	2018-10-11 04:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

344476	-	opencart	opencart	Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers to hijack the authentication of an application administrator for requests that create an administr…	CWE-352 Origin Validation Error	CVE-2010-1610	2018-10-11 04:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

344477	-	ibm	websphere_datapower_xml_accelerator_xa35 websphere_datapower_xml_security_gateway_xs40 websphere_datapower_datapower_integration_appliance_xi50 websphere_datapower_b2b_appliance_xb60 webs…	The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGI…	NVD-CWE-Other	CVE-2010-1612	2018-10-11 04:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

344478	-	artifex	gpl_ghostscript	Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trig…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-1628	2018-10-11 04:57	2010-05-20	Show	GitHub Exploit DB Packet Storm

344479	-	todd_miller	sudo	The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-1646	2018-10-11 04:57	2010-06-8	Show	GitHub Exploit DB Packet Storm

344480	-	powereasy	siteweaver	Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parame…	CWE-79 Cross-site Scripting	CVE-2010-1655	2018-10-11 04:57	2010-05-3	Show	GitHub Exploit DB Packet Storm