Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225841 6.8 警告 Elgg - Elgg の engine/lib/users.php における任意のアカウントを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6562 2013-05-27 15:57 2012-05-19 Show GitHub Exploit DB Packet Storm
225842 4.3 警告 Elgg - Elgg の engine/lib/views.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6561 2013-05-27 15:55 2012-05-19 Show GitHub Exploit DB Packet Storm
225843 5 警告 Wireshark - Wireshark の USB 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6053 2013-05-27 15:55 2012-11-28 Show GitHub Exploit DB Packet Storm
225844 7.5 危険 FreeNAC - FreeNAC の deviceadd.php における SQL インジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-6560 2013-05-27 15:54 2013-05-23 Show GitHub Exploit DB Packet Storm
225845 5 警告 Wireshark - Wireshark における重要なホスト名の情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-6052 2013-05-27 15:54 2012-11-28 Show GitHub Exploit DB Packet Storm
225846 4.3 警告 FreeNAC - FreeNAC におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6559 2013-05-27 15:52 2013-05-23 Show GitHub Exploit DB Packet Storm
225847 6.8 警告 Heaventools Software - HeavenTools PE Explorer におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6558 2013-05-27 15:46 2012-05-18 Show GitHub Exploit DB Packet Storm
225848 4.4 警告 GNU Project - GNU Grep おける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-5667 2013-05-27 15:46 2012-12-21 Show GitHub Exploit DB Packet Storm
225849 4.3 警告 zodiacdm - Vanilla Forums 用の AboutMe プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6557 2013-05-27 15:43 2013-05-23 Show GitHub Exploit DB Packet Storm
225850 4.3 警告 jspautsch - Vanilla Forums 用の FirstLastNames プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6556 2013-05-27 15:41 2013-05-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209811 6.1 MEDIUM
Network 		car_rental_management_system_project car_rental_management_system A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session… CWE-79
Cross-site Scripting 		CVE-2020-23832 2024-11-21 14:14 2020-10-6 Show GitHub Exploit DB Packet Storm
209812 9.8 CRITICAL
Network 		szuray
jtechdigital
provideoinstruments 		iptv\/h.264_video_encoder_firmware
iptv\/h.265_video_encoder_firmware
h.264_iptv_encoder_1080p\@60hz_firmware
vecaster-hd-h264_firmware
vecaster-hd-hevc_firmware
vecaster-4k-hevc_firmw… 		An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the … CWE-798
 Use of Hard-coded Credentials 		CVE-2020-24215 2024-11-21 14:14 2020-10-6 Show GitHub Exploit DB Packet Storm
209813 9.8 CRITICAL
Network 		szuray
jtechdigital
provideoinstruments 		iptv\/h.264_video_encoder_firmware
iptv\/h.265_video_encoder_firmware
h.264_iptv_encoder_1080p\@60hz_firmware
vecaster-hd-h264_firmware
vecaster-hd-hevc_firmware
vecaster-4k-hevc_firmw… 		An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application… NVD-CWE-Other
CVE-2020-24214 2024-11-21 14:14 2020-10-6 Show GitHub Exploit DB Packet Storm
209814 9.8 CRITICAL
Network 		jumpmind symmetricds Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX: get system info, and invoke MBe… NVD-CWE-noinfo
CVE-2020-24231 2024-11-21 14:14 2020-10-6 Show GitHub Exploit DB Packet Storm
209815 7.2 HIGH
Network 		zohocorp manageengine_desktop_central An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendR… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2020-24397 2024-11-21 14:14 2020-10-3 Show GitHub Exploit DB Packet Storm
209816 7.8 HIGH
Local 		cloudflare cloudflared `cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, `cloudflared` searches for configuration files which coul… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-24356 2024-11-21 14:14 2020-10-3 Show GitHub Exploit DB Packet Storm
209817 7.8 HIGH
Local 		trendmicro apex_one A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege e… CWE-287
Improper Authentication 		CVE-2020-24563 2024-11-21 14:14 2020-09-29 Show GitHub Exploit DB Packet Storm
209818 7.8 HIGH
Local 		trendmicro officescan A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escala… CWE-59
Link Following 		CVE-2020-24562 2024-11-21 14:14 2020-09-29 Show GitHub Exploit DB Packet Storm
209819 8.8 HIGH
Network 		multi_user_project multi_user A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-pa… CWE-352
 Origin Validation Error 		CVE-2020-23837 2024-11-21 14:14 2020-09-25 Show GitHub Exploit DB Packet Storm
209820 8.8 HIGH
Network 		gemteks wrtm-127acn_firmware
wrtm-127x9_firmware 		An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on t… CWE-78
CWE-1188
OS Command 
 Insecure Default Initialization of Resource 		CVE-2020-24365 2024-11-21 14:14 2020-09-25 Show GitHub Exploit DB Packet Storm