Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225141	7.8	危険	サムスン	-	Samsung PS50C7700 3D Plasma-TV 50" の DMCRUIS/0.1 Web サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2013-4890	2013-07-24 14:38	2013-07-21	Show	GitHub Exploit DB Packet Storm

225142	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 8 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-3164	2013-07-24 14:12	2013-07-9	Show	GitHub Exploit DB Packet Storm

225143	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer 6 から 10 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3166	2013-07-24 14:11	2013-07-9	Show	GitHub Exploit DB Packet Storm

225144	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-3174	2013-07-24 14:10	2013-07-9	Show	GitHub Exploit DB Packet Storm

225145	6.9	警告	マイクロソフト	-	Microsoft Windows 7 および Windows Server 2008 R2 の Windows Defender の署名更新機能における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3154	2013-07-24 14:07	2013-07-9	Show	GitHub Exploit DB Packet Storm

225146	4	警告	サイボウズ	-	サイボウズ Office におけるセッション管理不備の脆弱性	CWE-287 不適切な認証	CVE-2013-3656	2013-07-23 19:09	2013-07-16	Show	GitHub Exploit DB Packet Storm

225147	5.1	警告	strongSwan	-	strongSwan の atodn 関数におけるバッファオーバーフローの脆弱	CWE-119 バッファエラー	CVE-2013-2054	2013-07-23 19:07	2013-05-13	Show	GitHub Exploit DB Packet Storm

225148	2.1	注意	Jordan de Laune	-	Drupal 用 MP3 Player モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1971	2013-07-23 19:03	2013-04-17	Show	GitHub Exploit DB Packet Storm

225149	4.3	警告	マカフィー	-	McAfee ePolicy Orchestrator および McAfee Agent 用 ePolicy Orchestrator エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4883	2013-07-23 15:05	2013-06-12	Show	GitHub Exploit DB Packet Storm

225150	6.5	警告	マカフィー	-	McAfee ePolicy Orchestrator および McAfee Agent 用 ePolicy Orchestrator エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-4882	2013-07-23 15:05	2013-05-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200221	9.8	CRITICAL Network	rubyonrails debian opensuse	rails debian_linux leap	A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore pote…	CWE-502 Deserialization of Untrusted Data	CVE-2020-8165	2024-11-21 14:38	2020-06-20	Show	GitHub Exploit DB Packet Storm

200222	7.5	HIGH Network	rack_project debian canonical	rack debian_linux ubuntu_linux	A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie pr…	CWE-20 Improper Input Validation	CVE-2020-8184	2024-11-21 14:38	2020-06-20	Show	GitHub Exploit DB Packet Storm

200223	7.5	HIGH Network	rubyonrails debian opensuse	rails debian_linux leap backports_sle	A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.	CWE-502 Deserialization of Untrusted Data	CVE-2020-8164	2024-11-21 14:38	2020-06-20	Show	GitHub Exploit DB Packet Storm

200224	7.5	HIGH Network	rubyonrails debian	rails debian_linux	A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be m…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-8162	2024-11-21 14:38	2020-06-20	Show	GitHub Exploit DB Packet Storm

200225	5.7	MEDIUM Network	openmicroscopy	omero.web	OMERO.web before 5.6.3 optionally allows sensitive data elements (e.g., a session key) to be passed as URL query parameters. If an attacker tricks a user into clicking a malicious link in OMERO.web, …	CWE-200 Information Exposure	CVE-2020-7932	2024-11-21 14:38	2020-06-18	Show	GitHub Exploit DB Packet Storm

200226	6.5	MEDIUM Network	open-xchange	open-xchange_appsuite	OX App Suite through 7.10.3 allows XXE attacks.	CWE-611 XXE	CVE-2020-8541	2024-11-21 14:38	2020-06-16	Show	GitHub Exploit DB Packet Storm

200227	6.7	MEDIUM Local	synaptics	smart_audio_uwp	An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an ad…	CWE-428 Unquoted Search Path or Element	CVE-2020-8337	2024-11-21 14:38	2020-06-10	Show	GitHub Exploit DB Packet Storm

200228	6.8	MEDIUM Physics	lenovo	thinkpad_e14_firmware thinkpad_e15_firmware thinkpad_r14_firmware thinkpad_s3_gen_2_firmware thinkpad_e490s_firmware thinkpad_s3_firmware thinkpad_e490_firmware thinkpad_e590_fir…	Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.	NVD-CWE-noinfo	CVE-2020-8336	2024-11-21 14:38	2020-06-10	Show	GitHub Exploit DB Packet Storm

200229	6.8	MEDIUM Physics	lenovo	thinkpad_t495s_firmware thinkpad_x395_firmware thinkpad_t495_firmware thinkpad_a485_firmware thinkpad_a285_firmware thinkpad_a475_firmware thinkpad_a275_firmware	The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access.	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2020-8334	2024-11-21 14:38	2020-06-10	Show	GitHub Exploit DB Packet Storm

200230	6.7	MEDIUM Local	lenovo	330-14ast_firmware 330-15ast_firmware 330-17ast_firmware 340c-15api_firmware 340c-15ast_firmware 720s_touch-15ikb_firmware 720s-15ikb_firmware 730s-13iwl_firmware c640-iml_fir…	A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution.	NVD-CWE-noinfo	CVE-2020-8323	2024-11-21 14:38	2020-06-10	Show	GitHub Exploit DB Packet Storm