Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225771	7.5	危険	Fail2ban	-	Fail2ban の server/action.py における安全でない動作を誘発される脆弱性	CWE-noinfo 情報不足	CVE-2012-5642	2013-01-7 11:34	2012-12-6	Show	GitHub Exploit DB Packet Storm

225772	4.3	警告	Polycom	-	Polycom HDX Video End Points におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4970	2013-01-4 16:45	2012-12-31	Show	GitHub Exploit DB Packet Storm

225773	3.3	注意	Belkin International	-	Belkin N900 ルータの WPA2 の実装における Wi-Fi ネットワークにアクセスされる脆弱性	CWE-310 暗号の問題	CVE-2012-6371	2013-01-4 16:44	2012-12-31	Show	GitHub Exploit DB Packet Storm

225774	7.5	危険	LemonLDAP::NG	-	LemonLDAP::NG におけるアクセスコントロール制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6426	2013-01-4 16:39	2012-12-18	Show	GitHub Exploit DB Packet Storm

225775	5.8	警告	IBM	-	IBM SPSS Modeler における任意のファイルを読まれる脆弱性	CWE-Other その他	CVE-2012-5769	2013-01-4 16:38	2012-12-28	Show	GitHub Exploit DB Packet Storm

225776	7.5	危険	i-GEN Solutions	-	i-GEN opLYNX の Central アプリケーションにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2012-4688	2013-01-4 16:31	2012-12-27	Show	GitHub Exploit DB Packet Storm

225777	5.8	警告	vBulletin Solutions, Inc.	-	vBulletin の forum/login.php におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2011-5251	2013-01-4 16:23	2011-06-2	Show	GitHub Exploit DB Packet Storm

225778	4.3	警告	AgileBits	-	AgileBits 1Password におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6369	2013-01-4 16:20	2012-12-28	Show	GitHub Exploit DB Packet Storm

225779	4.3	警告	Simple Invoices	-	SimpleInvoices におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4932	2013-01-4 16:16	2012-12-28	Show	GitHub Exploit DB Packet Storm

225780	5	警告	ModSecurity	-	Apache HTTP Server 用 mod_security2 モジュールにおけるルールを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4528	2013-01-4 16:14	2012-10-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197431	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured with weak passwords (User bluetooth, password bluetooth; User eclipse, password ec…	CWE-521 Weak Password Requirements	CVE-2020-9023	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197432	6.1	MEDIUM Network	cambiumnetworks	xh2-120_firmware xr2436_firmware xr520_firmware xr620_firmware	An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices. The cgi-bin/ViewPage.cgi user parameter allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-9022	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197433	9.8	CRITICAL Network	postoaktraffic	awam_bluetooth_field_device_firmware	Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.p…	CWE-78 OS Command	CVE-2020-9021	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197434	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field.	CWE-78 OS Command	CVE-2020-9020	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197435	7.5	HIGH Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of us…	NVD-CWE-noinfo	CVE-2020-9034	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197436	5.4	MEDIUM Network	dolibarr	dolibarr_erp\/crm	Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header.	CWE-79 Cross-site Scripting	CVE-2020-9016	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197437	4.3	MEDIUM Network	arvato	skillpipe	Arvato Skillpipe 3.0 allows attackers to bypass intended print restrictions by deleting <div id="watermark"> from the HTML source code.	CWE-20 Improper Input Validation	CVE-2020-9013	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197438	6.1	MEDIUM Network	gluu	gluu_server	A cross-site scripting (XSS) vulnerability in the Import People functionality in Gluu Identity Configuration 4.0 allows remote attackers to inject arbitrary web script or HTML via the filename parame…	CWE-79 Cross-site Scripting	CVE-2020-9012	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197439	5.4	MEDIUM Network	codologic	codoforum	Codoforum 4.8.8 allows self-XSS via the title of a new topic.	CWE-79 Cross-site Scripting	CVE-2020-9007	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

197440	8.8	HIGH Adjacent	abbott	freestyle_libre_firmware	Older generation Abbott FreeStyle Libre sensors allow remote attackers within close proximity to enable write access to memory via a specific NFC unlock command. NOTE: The vulnerability is not presen…	CWE-787 Out-of-bounds Write	CVE-2020-8997	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm