Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 12:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225961 7.5 危険 xstate - Xstate Real Estate の page.html における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4477 2012-12-20 19:28 2009-12-30 Show GitHub Exploit DB Packet Storm
225962 7.5 危険 phpope - PHPope における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4472 2012-12-20 19:28 2009-12-30 Show GitHub Exploit DB Packet Storm
225963 4.3 警告 Redmine - Redmine におけるクロスサイトスクリプティング (XSS) を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4459 2012-12-20 19:28 2009-12-30 Show GitHub Exploit DB Packet Storm
225964 7.5 危険 Provider4u - Vsftpd サーバ用の Vsftpd Webmin モジュールにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-4457 2012-12-20 19:28 2009-12-29 Show GitHub Exploit DB Packet Storm
225965 3.3 注意 saini - VideoCache の vccleaner における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-4454 2012-12-20 19:28 2009-12-29 Show GitHub Exploit DB Packet Storm
225966 8.8 危険 softcab - SoftCab Sound Converter ActiveX コントロール における任意のファイルを作成される脆弱性 CWE-Other
その他 		CVE-2009-4453 2012-12-20 19:28 2009-12-29 Show GitHub Exploit DB Packet Storm
225967 4.3 警告 サン・マイクロシステムズ - Sun Java System Directory Server Enterprise Edition の DPS におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4443 2012-12-20 19:28 2009-12-23 Show GitHub Exploit DB Packet Storm
225968 5 警告 サン・マイクロシステムズ - Sun Java System Directory Server Enterprise Edition の DPS におけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2009-4442 2012-12-20 19:28 2009-12-23 Show GitHub Exploit DB Packet Storm
225969 5 警告 サン・マイクロシステムズ - Sun Java System Directory Server Enterprise Edition の DPS におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-4441 2012-12-20 19:28 2009-12-23 Show GitHub Exploit DB Packet Storm
225970 6.8 警告 サン・マイクロシステムズ - Sun Java System Directory Server Enterprise Edition の DPS における認証されたユーザのバックエンドの接続をハイジャックされる脆弱性 CWE-362
競合状態 		CVE-2009-4440 2012-12-20 19:28 2009-12-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198081 7.4 HIGH
Network 		fujixerox easy_netprint The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a cra… CWE-295
Improper Certificate Validation  		CVE-2020-5521 2024-11-21 14:34 2020-01-27 Show GitHub Exploit DB Packet Storm
198082 7.4 HIGH
Network 		fujixerox netprint The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ce… CWE-295
Improper Certificate Validation  		CVE-2020-5520 2024-11-21 14:34 2020-01-27 Show GitHub Exploit DB Packet Storm
198083 7.9 HIGH
Adjacent 		philips hue_bridge_v2_firmware Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code… CWE-787
 Out-of-bounds Write 		CVE-2020-6007 2024-11-21 14:34 2020-01-24 Show GitHub Exploit DB Packet Storm
198084 5.3 MEDIUM
Network 		vmware
oracle 		spring_framework
flexcube_private_banking
insurance_policy_administration_j2ee
insurance_rules_palette
retail_service_backbone
retail_back_office
weblogic_server
application_test… 		Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) … CWE-352
 Origin Validation Error 		CVE-2020-5397 2024-11-21 14:34 2020-01-18 Show GitHub Exploit DB Packet Storm
198085 7.5 HIGH
Network 		vmware
oracle
netapp 		spring_framework
flexcube_private_banking
insurance_policy_administration_j2ee
insurance_rules_palette
retail_service_backbone
retail_back_office
weblogic_server
application_test… 		In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it … CWE-494
 Download of Code Without Integrity Check 		CVE-2020-5398 2024-11-21 14:34 2020-01-17 Show GitHub Exploit DB Packet Storm
198086 6.5 MEDIUM
Network 		phpbb phpbb phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships. CWE-352
 Origin Validation Error 		CVE-2020-5502 2024-11-21 14:34 2020-01-15 Show GitHub Exploit DB Packet Storm
198087 4.3 MEDIUM
Network 		phpbb phpbb phpBB 3.2.8 allows a CSRF attack that can modify a group avatar. CWE-352
 Origin Validation Error 		CVE-2020-5501 2024-11-21 14:34 2020-01-15 Show GitHub Exploit DB Packet Storm
198088 7.2 HIGH
Network 		phpgurukul car_rental_portal PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-5509 2024-11-21 14:34 2020-01-15 Show GitHub Exploit DB Packet Storm
198089 9.8 CRITICAL
Network 		vaaip freelancy Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring (in conjunction with "type":"application/x-php"} to the /api/files/ URI. CWE-78
OS Command  		CVE-2020-5505 2024-11-21 14:34 2020-01-15 Show GitHub Exploit DB Packet Storm
198090 5.4 MEDIUM
Network 		f5 big-ip_access_policy_manager In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this c… CWE-79
Cross-site Scripting 		CVE-2020-5853 2024-11-21 14:34 2020-01-15 Show GitHub Exploit DB Packet Storm