Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225601 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1133 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
225602 4.3 警告 tristan barczyk - KloNews の cat.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1112 2012-12-20 19:29 2010-03-25 Show GitHub Exploit DB Packet Storm
225603 7.5 危険 ScriptsFeed.com - ScriptsFeed Dating Software の searchmatch.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1096 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
225604 7.5 危険 ScriptsFeed.com - ScriptsFeed Business Directory Software の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1092 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
225605 4.3 警告 tornadostore - TornadoStore におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1328 2012-12-20 19:29 2010-07-6 Show GitHub Exploit DB Packet Storm
225606 7.5 危険 tornadostore - TornadoStore における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1327 2012-12-20 19:29 2010-07-6 Show GitHub Exploit DB Packet Storm
225607 10 危険 リアルネットワークス - RealNetworks Helix Server などで使用されている AgentX++ における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1319 2012-12-20 19:29 2010-04-20 Show GitHub Exploit DB Packet Storm
225608 10 危険 リアルネットワークス - RealNetworks Helix Server などで使用されている AgentX++ におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1318 2012-12-20 19:29 2010-04-20 Show GitHub Exploit DB Packet Storm
225609 7.5 危険 リアルネットワークス - RealNetworks Helix Server および Helix Mobile Server の NTLM 認証機能におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1317 2012-12-20 19:29 2010-04-20 Show GitHub Exploit DB Packet Storm
225610 5 警告 Tembria - Tembria Server Monitor におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1316 2012-12-20 19:29 2010-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198831 5.4 MEDIUM
Network 		atlassian jira
jira_software_data_center
jira_server
jira_data_center 		The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or Ja… CWE-79
Cross-site Scripting 		CVE-2020-4024 2024-11-21 14:32 2020-07-1 Show GitHub Exploit DB Packet Storm
198832 6.1 MEDIUM
Network 		atlassian jira
jira_software_data_center
jira_server
jira_data_center 		The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or Ja… CWE-79
Cross-site Scripting 		CVE-2020-4022 2024-11-21 14:32 2020-07-1 Show GitHub Exploit DB Packet Storm
198833 7.8 HIGH
Local 		neutrinolabs xrdp The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the se… - CVE-2020-4044 2024-11-21 14:32 2020-07-1 Show GitHub Exploit DB Packet Storm
198834 7.5 HIGH
Network 		coturn_project
debian
fedoraproject
canonical
opensuse 		coturn
debian_linux
fedora
ubuntu_linux
leap 		In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an … - CVE-2020-4067 2024-11-21 14:32 2020-06-30 Show GitHub Exploit DB Packet Storm
198835 5.4 MEDIUM
Network 		oauth2_proxy_project oauth2_proxy In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is exp… - CVE-2020-4037 2024-11-21 14:32 2020-06-30 Show GitHub Exploit DB Packet Storm
198836 5.4 MEDIUM
Network 		ibm business_process_manager
business_automation_workflow 		IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip… CWE-79
Cross-site Scripting 		CVE-2020-4557 2024-11-21 14:32 2020-06-29 Show GitHub Exploit DB Packet Storm
198837 7.5 HIGH
Network 		ibm api_connect IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 181324. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-4452 2024-11-21 14:32 2020-06-29 Show GitHub Exploit DB Packet Storm
198838 6.5 MEDIUM
Network 		hcltech notes HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network… NVD-CWE-noinfo
CVE-2020-4089 2024-11-21 14:32 2020-06-27 Show GitHub Exploit DB Packet Storm
198839 5.9 MEDIUM
Network 		ibm spectrum_protect_plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacker to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 1… CWE-200
Information Exposure 		CVE-2020-4565 2024-11-21 14:32 2020-06-26 Show GitHub Exploit DB Packet Storm
198840 5.4 MEDIUM
Network 		ibm maximo_asset_management IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun… CWE-79
Cross-site Scripting 		CVE-2020-4223 2024-11-21 14:32 2020-06-26 Show GitHub Exploit DB Packet Storm