Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225821	7.5	危険	webmobo	-	WB News における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2009-4927	2012-12-20 19:28	2010-07-12	Show	GitHub Exploit DB Packet Storm

225822	6.8	警告	UnrealIRCd	-	UnrealIRCd におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4893	2012-12-20 19:28	2010-06-15	Show	GitHub Exploit DB Packet Storm

225823	7.5	危険	webjump	-	Content Management System WEBjump! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4892	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

225824	4.3	警告	retrieve	-	vBook のログインアプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4890	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

225825	6.8	警告	sbuilder	-	CMS S.Builder の index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4887	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

225826	7.5	危険	todd rogers	-	PHPRecipeBook の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4883	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

225827	4.3	警告	zonecheck	-	ZoneCheck の zc/publisher/html.rb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4882	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

225828	6.8	警告	plain black	-	WebGUI におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4877	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

225829	6.4	警告	scripts.oldguy	-	TalkBack におけるコメントを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4874	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

225830	10	危険	rhinosoft	-	Rhino Software Serv-U Web Client の HTTP サーバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4873	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211721	7.2	HIGH Network	proofpoint	insider_threat_management_server	The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote …	CWE-502 Deserialization of Untrusted Data	CVE-2020-10657	2024-11-21 13:55	2021-01-6	Show	GitHub Exploit DB Packet Storm

211722	9.8	CRITICAL Network	proofpoint	insider_threat_management_server	The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability a…	CWE-502 Deserialization of Untrusted Data	CVE-2020-10656	2024-11-21 13:55	2021-01-6	Show	GitHub Exploit DB Packet Storm

211723	9.8	CRITICAL Network	proofpoint	insider_threat_management_server	The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an ano…	CWE-502 Deserialization of Untrusted Data	CVE-2020-10655	2024-11-21 13:55	2021-01-6	Show	GitHub Exploit DB Packet Storm

211724	8.2	HIGH Network	kuka	visual_components_network_license_server	Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a s…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2020-10292	2024-11-21 13:55	2020-11-6	Show	GitHub Exploit DB Packet Storm

211725	7.5	HIGH Network	kuka	visual_components_network_license_server	Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a s…	CWE-306 Missing Authentication for Critical Function	CVE-2020-10291	2024-11-21 13:55	2020-11-6	Show	GitHub Exploit DB Packet Storm

211726	9.8	CRITICAL Network	1password	scim command_line_interface	An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was us…	NVD-CWE-noinfo	CVE-2020-10256	2024-11-21 13:55	2020-10-27	Show	GitHub Exploit DB Packet Storm

211727	7.8	HIGH Local	redhat	fabric8-maven	A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the mave…	CWE-502 Deserialization of Untrusted Data	CVE-2020-10721	2024-11-21 13:55	2020-10-23	Show	GitHub Exploit DB Packet Storm

211728	6.1	MEDIUM Local	infinispan	infinispan-server-runtime	A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to…	NVD-CWE-Other	CVE-2020-10746	2024-11-21 13:55	2020-10-20	Show	GitHub Exploit DB Packet Storm

211729	7.5	HIGH Network	redhat netapp	wildfly_elytron jboss_fuse process_automation descision_manager codeready_studio oncommand_insight	A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. …	-	CVE-2020-10714	2024-11-21 13:55	2020-09-23	Show	GitHub Exploit DB Packet Storm

211730	4.8	MEDIUM Network	redhat	undertow single_sign-on jboss_enterprise_application_platform	A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid …	-	CVE-2020-10687	2024-11-21 13:55	2020-09-23	Show	GitHub Exploit DB Packet Storm