Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225761 5 警告 New Relic - Ruby Agent における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0284 2013-04-11 19:38 2013-02-13 Show GitHub Exploit DB Packet Storm
225762 6.8 警告 Michael Bleigh and Intridea, Inc. - Ruby 用 omniauth-oauth2 gem におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-6134 2013-04-11 19:37 2013-02-25 Show GitHub Exploit DB Packet Storm
225763 5.8 警告 Apache Software Foundation - Apache Maven のデフォルト設定におけるサーバになりすまされる脆弱性 CWE-16
環境設定 		CVE-2013-0253 2013-04-11 17:36 2013-04-2 Show GitHub Exploit DB Packet Storm
225764 4.3 警告 fedorahosted.org - cronie におけるファイル記述子が漏えいする脆弱性 CWE-200
情報漏えい 		CVE-2012-6097 2013-04-11 17:35 2013-01-9 Show GitHub Exploit DB Packet Storm
225765 2.1 注意 Gluster, Inc.
レッドハット		 - Red Hat Storage の GlusterFS 機能における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5635 2013-04-11 17:35 2013-03-28 Show GitHub Exploit DB Packet Storm
225766 4 警告 OpenStack
Canonical		 - 複数の OpenStack 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1838 2013-04-11 14:57 2013-03-15 Show GitHub Exploit DB Packet Storm
225767 4.3 警告 フェンリル株式会社 - Sleipnir for Windows におけるアドレスバー偽装の脆弱性 CWE-noinfo
情報不足 		CVE-2013-2303 2013-04-11 12:01 2013-04-11 Show GitHub Exploit DB Packet Storm
225768 7.5 危険 アドビシステムズ - Adobe ColdFusion におけるユーザになりすまされる脆弱性 CWE-noinfo
情報不足 		CVE-2013-1387 2013-04-11 11:57 2013-04-9 Show GitHub Exploit DB Packet Storm
225769 7.5 危険 アドビシステムズ - Adobe ColdFusion における ColdFusion Administrator コンソールへアクセスされる脆弱性 CWE-noinfo
情報不足 		CVE-2013-1388 2013-04-11 11:53 2013-04-9 Show GitHub Exploit DB Packet Storm
225770 10 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-1386 2013-04-11 11:21 2013-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210741 9.8 CRITICAL
Network 		crossbeam_project crossbeam Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated capacity that same as th… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-15254 2024-11-21 14:05 2020-10-17 Show GitHub Exploit DB Packet Storm
210742 4.8 MEDIUM
Network 		grocy grocy Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting via the Create Shopping List module, that is rendered upon deleting that Shopping List. The issue was also found in users, batteries,… - CVE-2020-15253 2024-11-21 14:05 2020-10-15 Show GitHub Exploit DB Packet Storm
210743 9.3 CRITICAL
Network 		sylabs
opensuse 		singularity
leap
backports_sle 		Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`,… - CVE-2020-15229 2024-11-21 14:05 2020-10-15 Show GitHub Exploit DB Packet Storm
210744 6.8 MEDIUM
Adjacent 		openenclave openenclave In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host applicat… NVD-CWE-Other
CVE-2020-15224 2024-11-21 14:05 2020-10-15 Show GitHub Exploit DB Packet Storm
210745 6.5 MEDIUM
Network 		mirahezebots channelmgnt In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled… CWE-862
 Missing Authorization 		CVE-2020-15251 2024-11-21 14:05 2020-10-14 Show GitHub Exploit DB Packet Storm
210746 5.5 MEDIUM
Local 		junit
debian
apache
oracle 		junit4
debian_linux
pluto
communications_cloud_native_core_policy 		In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared bet… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15250 2024-11-21 14:05 2020-10-13 Show GitHub Exploit DB Packet Storm
210747 9.8 CRITICAL
Network 		smartstore smartstore Affected versions of Smartstore have a missing WebApi Authentication attribute. This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plu… CWE-306
Missing Authentication for Critical Function 		CVE-2020-15243 2024-11-21 14:05 2020-10-9 Show GitHub Exploit DB Packet Storm
210748 6.1 MEDIUM
Network 		typo3 fluid_engine
typo3 		TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional oper… CWE-79
Cross-site Scripting 		CVE-2020-15241 2024-11-21 14:05 2020-10-9 Show GitHub Exploit DB Packet Storm
210749 6.1 MEDIUM
Network 		vercel next.js Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect. Specially encoded paths could be used with the trailing slash redirect to allow an open redirect to occur to an external site. … - CVE-2020-15242 2024-11-21 14:05 2020-10-9 Show GitHub Exploit DB Packet Storm
210750 5.9 MEDIUM
Network 		mozilla thunderbird If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunde… NVD-CWE-noinfo
CVE-2020-15646 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm