Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225311	5	警告	Google	-	Google Chrome の Geolocation の実装におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2013-0835	2013-02-20 13:37	2013-01-10	Show	GitHub Exploit DB Packet Storm

225312	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2013-0834	2013-02-20 13:36	2013-01-10	Show	GitHub Exploit DB Packet Storm

225313	5	警告	Google	-	Google Chrome のサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2013-0833	2013-02-20 13:35	2013-01-10	Show	GitHub Exploit DB Packet Storm

225314	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-0832	2013-02-20 13:31	2013-01-10	Show	GitHub Exploit DB Packet Storm

225315	7.5	危険	Google	-	Google Chrome におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0831	2013-02-20 13:30	2013-01-10	Show	GitHub Exploit DB Packet Storm

225316	7.5	危険	Google	-	Windows 上で稼働する Google Chrome の IPC レイヤにおけるデータ構造の脆弱性	CWE-20 不適切な入力確認	CVE-2013-0830	2013-02-20 13:29	2013-01-10	Show	GitHub Exploit DB Packet Storm

225317	4.3	警告	ヒューレット・パッカード	-	HP ArcSight アプライアンス製品にクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2960	2013-02-20 12:18	2012-08-7	Show	GitHub Exploit DB Packet Storm

225318	9	危険	日立	-	Hitachi Tuning Manager および JP1/Performance Management における複数の脆弱性	CWE-352 CWE-79	-	2013-02-20 09:53	2013-02-18	Show	GitHub Exploit DB Packet Storm

225319	4.3	警告	Stoneware	-	Stoneware webNetwork におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4352	2013-02-19 16:52	2012-09-12	Show	GitHub Exploit DB Packet Storm

225320	6.9	警告	シマンテック	-	Symantec PGP Desktop および Encryption Desktop における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-4351	2013-02-19 16:51	2013-02-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198441	9.8	CRITICAL Network	gulp-tape_project	gulp-tape	gulp-tape through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of 'gulp-tape' options.	CWE-78 OS Command	CVE-2020-7605	2024-11-21 14:37	2020-03-16	Show	GitHub Exploit DB Packet Storm

198442	9.8	CRITICAL Network	pulverizr_project	pulverizr	pulverizr through 0.7.0 allows execution of arbitrary commands. Within "lib/job.js", the variable "filename" can be controlled by the attacker. This function uses the variable "filename" to construct…	CWE-78 OS Command	CVE-2020-7604	2024-11-21 14:37	2020-03-16	Show	GitHub Exploit DB Packet Storm

198443	9.8	CRITICAL Network	closure-compiler-stream_project	closure-compiler-stream	closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any sanitization.	CWE-78 OS Command	CVE-2020-7603	2024-11-21 14:37	2020-03-16	Show	GitHub Exploit DB Packet Storm

198444	9.8	CRITICAL Network	node-prompt-here_project	node-prompt-here	node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand()" is called by "getDevices()" function in file "linux/manager.js", which is required by the "index. process.env…	CWE-78 OS Command	CVE-2020-7602	2024-11-21 14:37	2020-03-16	Show	GitHub Exploit DB Packet Storm

198445	9.8	CRITICAL Network	gulp-scss-lint_project	gulp-scss-lint	gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options.	CWE-78 OS Command	CVE-2020-7601	2024-11-21 14:37	2020-03-16	Show	GitHub Exploit DB Packet Storm

198446	5.3	MEDIUM Network	querymen_project	querymen	querymen prior to 2.1.4 allows modification of object properties. The parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. This could be abused…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7600	2024-11-21 14:37	2020-03-13	Show	GitHub Exploit DB Packet Storm

198447	5.6	MEDIUM Network	substack opensuse	minimist leap	minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7598	2024-11-21 14:37	2020-03-12	Show	GitHub Exploit DB Packet Storm

198448	6.1	MEDIUM Network	siemens	spectrum_power_5	A vulnerability has been identified in Spectrum Power™ 5 (All versions < v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a …	CWE-79 Cross-site Scripting	CVE-2020-7579	2024-11-21 14:37	2020-03-11	Show	GitHub Exploit DB Packet Storm

198449	7.5	HIGH Network	jetbrains	scala	In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-7907	2024-11-21 14:37	2020-02-22	Show	GitHub Exploit DB Packet Storm

198450	9.8	CRITICAL Network	synacor	zimbra_collaboration_suite	Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-7796	2024-11-21 14:37	2020-02-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed