Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224421 5.2 警告 ヒューレット・パッカード - HP Service Manager WebTier および Windows Client における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-6197 2014-01-6 16:34 2013-12-19 Show GitHub Exploit DB Packet Storm
224422 4.3 警告 Novell - Novell Identity Manager 用 Roles Based Provisioning Module におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1096 2014-01-6 16:33 2013-11-17 Show GitHub Exploit DB Packet Storm
224423 10 危険 ヒューレット・パッカード - HP Application Information Optimizer の Archive Query Server における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-6189 2014-01-6 16:32 2013-12-19 Show GitHub Exploit DB Packet Storm
224424 4.3 警告 Joomla! - Joomla! の libraries/idna_convert/example.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5583 2014-01-6 16:32 2013-08-5 Show GitHub Exploit DB Packet Storm
224425 7.5 危険 OpenX
Revive Adserver		 - Revive Adserver および OpenX Source における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-7149 2014-01-6 16:31 2013-12-20 Show GitHub Exploit DB Packet Storm
224426 5.4 警告 シスコシステムズ - Cisco IOS XE におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6981 2014-01-6 16:31 2013-12-24 Show GitHub Exploit DB Packet Storm
224427 5.2 警告 Linux
レッドハット		 - Linux Kernel の Xen におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-2519 2014-01-6 16:19 2011-09-6 Show GitHub Exploit DB Packet Storm
224428 9.3 危険 アップル - Apple QuickTime の Picture Viewer における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2010-1819 2014-01-6 15:55 2010-09-15 Show GitHub Exploit DB Packet Storm
224429 4.3 警告 Matrix42 - Matrix42 Service Store の Service Desk におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2504 2014-01-6 15:54 2013-04-18 Show GitHub Exploit DB Packet Storm
224430 7.4 危険 レッドハット - Red Hat Enterprise Virtualization Hypervisor などの製品で使用される libspice における任意の QEMU メモリを読まれるまたは書き込まれる脆弱性 CWE-119
バッファエラー 		CVE-2010-0430 2014-01-6 15:23 2010-03-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211201 8.4 HIGH
Local 		bigbluebutton bigbluebutton The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-27613 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211202 4.3 MEDIUM
Network 		bigbluebutton bigbluebutton Greenlight in BigBlueButton through 2.2.28 places usernames in room URLs, which may represent an unintended information leak to users in a room, or an information leak to outsiders if any user publis… CWE-200
Information Exposure 		CVE-2020-27612 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211203 7.3 HIGH
Network 		bigbluebutton bigbluebutton BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-27611 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211204 7.5 HIGH
Network 		bigbluebutton bigbluebutton The installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network services to external interfaces, and does not automatically set up a firewall configuration to block ext… NVD-CWE-noinfo
CVE-2020-27610 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211205 5.3 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording in the user interface. This may result in data storage beyond what is authorized for a specific meetin… CWE-863
 Incorrect Authorization 		CVE-2020-27609 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211206 6.1 MEDIUM
Network 		bigbluebutton bigbluebutton In BigBlueButton before 2.2.28 (or earlier), uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document. CWE-79
Cross-site Scripting 		CVE-2020-27608 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211207 6.5 MEDIUM
Network 		bigbluebutton bigbluebutton In BigBlueButton before 2.2.28 (or earlier), the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to … NVD-CWE-noinfo
CVE-2020-27607 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211208 5.3 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its… NVD-CWE-Other
CVE-2020-27606 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211209 9.8 CRITICAL
Network 		bigbluebutton bigbluebutton BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a "schwache Sandbox." NVD-CWE-Other
CVE-2020-27605 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
211210 6.5 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for remote authenticated users to read the API shared secret in the bigbluebutton.properties file. With t… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2020-27604 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm