Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225841	7.2	危険	マイクロソフト	-	Microsoft Windows の USB カーネルモードドライバにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1287	2013-03-18 11:42	2013-03-12	Show	GitHub Exploit DB Packet Storm

225842	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 8 における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-1288	2013-03-18 11:39	2013-03-12	Show	GitHub Exploit DB Packet Storm

225843	10	危険	サン・マイクロシステムズ VMware 日立ヒューレット・パッカード	-	Oracle Java SE の Java Runtime Environment (JRE) コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0815	2013-03-14 17:54	2011-06-7	Show	GitHub Exploit DB Packet Storm

225844	5	警告	アップルサン・マイクロシステムズヒューレット・パッカード VMware 日立レッドハット	-	複数の Oracle 製品の Java Runtime Environment における脆弱性	CWE-noinfo 情報不足	CVE-2010-4470	2013-03-14 16:56	2011-02-15	Show	GitHub Exploit DB Packet Storm

225845	9.3	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player の ExternalInterface ActionScript 機能における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-0648	2013-03-14 16:21	2013-02-26	Show	GitHub Exploit DB Packet Storm

225846	9.3	危険	アドビシステムズ	-	Adobe Flash Player の Firefox 版サンドボックスにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0643	2013-03-14 16:18	2013-02-26	Show	GitHub Exploit DB Packet Storm

225847	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0630	2013-03-14 16:14	2013-01-8	Show	GitHub Exploit DB Packet Storm

225848	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player のブローカーサービスにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0504	2013-03-14 16:13	2013-02-26	Show	GitHub Exploit DB Packet Storm

225849	9	危険	GroundWork	-	GroundWork Monitor Enterprise に複数の脆弱性	-	-	2013-03-12 11:14	2013-03-11	Show	GitHub Exploit DB Packet Storm

225850	6.8	警告	シスコシステムズ	-	Cisco Prime Infrastructure の Web インタフェースにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-1153	2013-03-11 16:47	2013-03-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196991	9.8	CRITICAL Network	craftcms	craft_cms	The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller.	CWE-74 Injection	CVE-2020-9757	2024-11-21 14:41	2020-03-5	Show	GitHub Exploit DB Packet Storm

196992	9.1	CRITICAL Network	naver	cloud_explorer	Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.	CWE-494 Download of Code Without Integrity Check	CVE-2020-9751	2024-11-21 14:41	2020-03-3	Show	GitHub Exploit DB Packet Storm

196993	5.4	MEDIUM Network	arcadyan	vrv9506jac23_firmware	Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name paramet…	CWE-79 Cross-site Scripting	CVE-2020-9419	2024-11-21 14:40	2022-12-14	Show	GitHub Exploit DB Packet Storm

196994	6.5	MEDIUM Network	arcadyan	vrv9506jac23_firmware	The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative cred…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-9420	2024-11-21 14:40	2022-12-14	Show	GitHub Exploit DB Packet Storm

196995	6.8	MEDIUM Physics	sonos	one_firmware	Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that host…	NVD-CWE-noinfo	CVE-2020-9285	2024-11-21 14:40	2022-10-21	Show	GitHub Exploit DB Packet Storm

196996	7.5	HIGH Network	huawei	magic_ui emui	There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.	NVD-CWE-Other	CVE-2020-9158	2024-11-21 14:40	2021-07-1	Show	GitHub Exploit DB Packet Storm

196997	9.8	CRITICAL Network	apache qos	chainsaw log4j reload4j	A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.	CWE-502 Deserialization of Untrusted Data	CVE-2020-9493	2024-11-21 14:40	2021-06-16	Show	GitHub Exploit DB Packet Storm

196998	7.8	HIGH Local	acronis	true_image_2020	An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe exposes a REST API that can be used by everyone, even unprivileged users. This API is used to communicate fr…	CWE-276 Incorrect Default Permissions	CVE-2020-9450	2024-11-21 14:40	2021-05-25	Show	GitHub Exploit DB Packet Storm

196999	7.8	HIGH Local	acronis	true_image_2020	An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to anot…	CWE-59 Link Following	CVE-2020-9452	2024-11-21 14:40	2021-05-25	Show	GitHub Exploit DB Packet Storm

197000	5.5	MEDIUM Local	acronis	true_image_2020	An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predict…	CWE-276 Incorrect Default Permissions	CVE-2020-9451	2024-11-21 14:40	2021-05-25	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed