Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224891	5.5	警告	オラクル	-	Oracle Fusion Middleware の Oracle Endeca Server における脆弱性	CWE-noinfo 情報不足	CVE-2013-3764	2013-07-18 14:19	2013-07-16	Show	GitHub Exploit DB Packet Storm

224892	4.3	警告	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Content における Site Studio に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3769	2013-07-18 14:19	2013-07-16	Show	GitHub Exploit DB Packet Storm

224893	5.5	警告	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Content における Content Server に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3770	2013-07-18 14:19	2013-07-16	Show	GitHub Exploit DB Packet Storm

224894	4.3	警告	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Content における Web Forms に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3772	2013-07-18 14:19	2013-07-16	Show	GitHub Exploit DB Packet Storm

224895	4.3	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Search Functionality に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3759	2013-07-18 13:58	2013-07-16	Show	GitHub Exploit DB Packet Storm

224896	4.3	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise Portal および PeopleTools における PIA Core Technology に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3761	2013-07-18 13:58	2013-07-16	Show	GitHub Exploit DB Packet Storm

224897	4.3	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Rich Text Editor に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3768	2013-07-18 13:58	2013-07-16	Show	GitHub Exploit DB Packet Storm

224898	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise Portal における Saved Search に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3780	2013-07-18 13:58	2013-07-16	Show	GitHub Exploit DB Packet Storm

224899	5.5	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HRMS における Time および Labor に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3784	2013-07-18 13:58	2013-07-16	Show	GitHub Exploit DB Packet Storm

224900	6.4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Business Interlinks に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3800	2013-07-18 13:58	2013-07-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198831	6.5	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.	CWE-22 Path Traversal	CVE-2020-9029	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198832	6.1	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenan…	CWE-79 Cross-site Scripting	CVE-2020-9028	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198833	9.8	CRITICAL Network	eltex-co	ntp-2_firmware ntp-rg-1402g_firmware	ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected.	CWE-78 OS Command	CVE-2020-9027	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198834	9.8	CRITICAL Network	eltex-co	ntp-2_firmware ntp-rg-1402g_firmware	ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. The NTP-2 device is also affected.	CWE-78 OS Command	CVE-2020-9026	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198835	6.1	MEDIUM Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script.	CWE-79 Cross-site Scripting	CVE-2020-9025	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198836	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time)…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-9024	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198837	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured with weak passwords (User bluetooth, password bluetooth; User eclipse, password ec…	CWE-521 Weak Password Requirements	CVE-2020-9023	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198838	6.1	MEDIUM Network	cambiumnetworks	xh2-120_firmware xr2436_firmware xr520_firmware xr620_firmware	An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices. The cgi-bin/ViewPage.cgi user parameter allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-9022	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198839	9.8	CRITICAL Network	postoaktraffic	awam_bluetooth_field_device_firmware	Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.p…	CWE-78 OS Command	CVE-2020-9021	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

198840	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field.	CWE-78 OS Command	CVE-2020-9020	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm