Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133291	6.5	警告 Network	Tribulant Software	Newsletters	WordPress 用 Newsletter プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-35933	2021-09-15 18:00	2020-08-3	Show	GitHub Exploit DB Packet Storm

133292	8.8	重要 Network	Tribulant Software	Newsletters	WordPress 用 Newsletter プラグインにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2020-35932	2021-09-15 18:00	2020-08-3	Show	GitHub Exploit DB Packet Storm

133293	6.1	警告 Network	HGiga	MSR45 iSherlock-user MSR45 iSherlock-antispam	HGiga MailSherlock におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-35741	2021-09-15 18:00	2020-12-30	Show	GitHub Exploit DB Packet Storm

133294	6.1	警告 Network	HGiga	MSR45 iSherlock-user MSR45 iSherlock-antispam	HGiga MailSherlock におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-35740	2021-09-15 18:00	2020-12-30	Show	GitHub Exploit DB Packet Storm

133295	7.5	重要 Network	HGiga	MSR45 iSherlock-user	HGiga MailSherlock における脆弱性	CWE-noinfo 情報不足	CVE-2020-25850	2021-09-15 18:00	2020-12-30	Show	GitHub Exploit DB Packet Storm

133296	8.8	重要 Network	Sunhater	KCFinder	Durupal 用 KCFinder integration プロジェクトにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2018-25002	2021-09-15 18:00	2018-05-9	Show	GitHub Exploit DB Packet Storm

133297	7.7	重要 Network	Combodo	iTop	Combodo iTop における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2020-4079	2021-09-15 17:58	2021-01-12	Show	GitHub Exploit DB Packet Storm

133298	6.1	警告 Network	RailsAdmin project	RailsAdmin	RailsAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-36190	2021-09-15 17:58	2020-03-14	Show	GitHub Exploit DB Packet Storm

133299	5.4	警告 Network	Carbonite, Inc.	Server Backup Portal	Server Backup Portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-13116	2021-09-15 17:58	2020-05-16	Show	GitHub Exploit DB Packet Storm

133300	7.1	重要 Network	TIBCO Software	TIBCO EBX Add-ons	TIBCO Software Inc. TIBCO EBX Add-ons における XML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2020-27148	2021-09-15 17:58	2020-10-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
357801	-	ssh	ssh	A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.	NVD-CWE-Other	CVE-1999-0248	2008-09-6 05:16	1999-01-1	Show	GitHub Exploit DB Packet Storm

357802	-	freebsd	freebsd	Buffer overflow in FreeBSD lpd through long DNS hostnames.	NVD-CWE-Other	CVE-1999-0299	2008-09-6 05:16	1997-03-5	Show	GitHub Exploit DB Packet Storm

357803	-	futuresoft	tftp_server_2000	Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Re…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2005-1812	2008-09-5 13:00	2005-06-1	Show	GitHub Exploit DB Packet Storm

357804	-	futuresoft	tftp_server_2000	Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (…	CWE-22 Path Traversal	CVE-2005-1813	2008-09-5 13:00	2005-06-1	Show	GitHub Exploit DB Packet Storm

357805	-	apache	derby	Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL functio…	CWE-200 Information Exposure	CVE-2005-4849	2008-09-5 13:00	2005-12-31	Show	GitHub Exploit DB Packet Storm

357806	-	macromedia	jrun	Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server.	CWE-287 Improper Authentication	CVE-2004-2182	2008-09-5 13:00	2004-12-31	Show	GitHub Exploit DB Packet Storm

357807	-	intersystems	cache	Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server.	NVD-CWE-noinfo	CVE-2004-2683	2008-09-5 13:00	2004-12-31	Show	GitHub Exploit DB Packet Storm

357808	-	intersystems	cache_database	Unspecified vulnerability in the %template package in InterSystems Cache' 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files un…	NVD-CWE-noinfo	CVE-2004-2684	2008-09-5 13:00	2004-12-31	Show	GitHub Exploit DB Packet Storm

357809	-	apple samba	xcode samba	distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed …	CWE-16 Configuration	CVE-2004-2687	2008-09-5 13:00	2004-12-31	Show	GitHub Exploit DB Packet Storm

357810	-	aspdotnetstorefront	aspdotnetstorefront	Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2004-2700	2008-09-5 13:00	2004-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed