Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225711	6.8	警告	PulseCMS	-	Pulse CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-0992	2012-12-20 19:28	2010-04-9	Show	GitHub Exploit DB Packet Storm

225712	5.5	警告	PulseCMS	-	Pulse CMS の delete.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0989	2012-12-20 19:28	2010-03-26	Show	GitHub Exploit DB Packet Storm

225713	6	警告	PulseCMS	-	Pulse CMS における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0988	2012-12-20 19:28	2010-03-26	Show	GitHub Exploit DB Packet Storm

225714	6.8	警告	utilo	-	Rezervi の include/mail.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0983	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

225715	7.5	危険	templateplazza	-	Joomla! 用の tpjobs コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0981	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

225716	5	警告	pordus	-	PD PORTAL におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0977	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

225717	7.5	危険	phpcityportal	-	PHPCityPortal の external.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0975	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

225718	7.5	危険	phpcityportal	-	PHPCityPortal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0974	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

225719	7.5	危険	scripteverkauf	-	phppool media Domain Verkaus および Auktions Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0973	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

225720	4.3	警告	yuri d'elia	-	dl Download Ticket Service の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0963	2012-12-20 19:28	2010-03-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199591	5.3	MEDIUM Network	ibm	db2	IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service, caused by improper handling of Secure Sockets Layer (SSL) reneg…	NVD-CWE-noinfo	CVE-2020-4355	2024-11-21 14:32	2020-07-2	Show	GitHub Exploit DB Packet Storm

199592	4.3	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to en…	NVD-CWE-noinfo	CVE-2020-4029	2024-11-21 14:32	2020-07-1	Show	GitHub Exploit DB Packet Storm

199593	4.7	MEDIUM Network	atlassian	confluence confluence_server	Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vul…	CWE-74 Injection	CVE-2020-4027	2024-11-21 14:32	2020-07-1	Show	GitHub Exploit DB Packet Storm

199594	4.8	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	The attachment download resource in Atlassian Jira Server and Data Center The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from…	CWE-79 Cross-site Scripting	CVE-2020-4025	2024-11-21 14:32	2020-07-1	Show	GitHub Exploit DB Packet Storm

199595	5.4	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or Ja…	CWE-79 Cross-site Scripting	CVE-2020-4024	2024-11-21 14:32	2020-07-1	Show	GitHub Exploit DB Packet Storm

199596	6.1	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or Ja…	CWE-79 Cross-site Scripting	CVE-2020-4022	2024-11-21 14:32	2020-07-1	Show	GitHub Exploit DB Packet Storm

199597	7.8	HIGH Local	neutrinolabs	xrdp	The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the se…	-	CVE-2020-4044	2024-11-21 14:32	2020-07-1	Show	GitHub Exploit DB Packet Storm

199598	7.5	HIGH Network	coturn_project debian fedoraproject canonical opensuse	coturn debian_linux fedora ubuntu_linux leap	In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an …	-	CVE-2020-4067	2024-11-21 14:32	2020-06-30	Show	GitHub Exploit DB Packet Storm

199599	5.4	MEDIUM Network	oauth2_proxy_project	oauth2_proxy	In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is exp…	-	CVE-2020-4037	2024-11-21 14:32	2020-06-30	Show	GitHub Exploit DB Packet Storm

199600	5.4	MEDIUM Network	ibm	business_process_manager business_automation_workflow	IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip…	CWE-79 Cross-site Scripting	CVE-2020-4557	2024-11-21 14:32	2020-06-29	Show	GitHub Exploit DB Packet Storm