Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225961	7.5	危険	ZNC	-	ZNC におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2658	2012-12-20 19:10	2009-08-4	Show	GitHub Exploit DB Packet Storm

225962	9.3	危険	sorcerersoftware	-	Sorcerer Software MultiMedia Jukebox におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2650	2012-12-20 19:10	2009-07-30	Show	GitHub Exploit DB Packet Storm

225963	6.8	警告	rich white	-	School Data Navigator の app_and_readme/navigator/index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2641	2012-12-20 19:10	2009-07-28	Show	GitHub Exploit DB Packet Storm

225964	7.5	危険	prosmdr	-	ProSMDR の login.aspx における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2612	2012-12-20 19:10	2009-07-27	Show	GitHub Exploit DB Packet Storm

225965	3.5	注意	scott courtney	-	Drupal 用の Links Package モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2610	2012-12-20 19:10	2009-06-25	Show	GitHub Exploit DB Packet Storm

225966	7.5	危険	pinme	-	Joomla! 用の com_pinboard コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2607	2012-12-20 19:10	2009-07-27	Show	GitHub Exploit DB Packet Storm

225967	6.8	警告	traidnt	-	Traidnt Up の adminquery.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2605	2012-12-20 19:10	2009-07-27	Show	GitHub Exploit DB Packet Storm

225968	7.5	危険	zenhelpdesk	-	Zen Help Desk の adminlogin.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2604	2012-12-20 19:10	2009-07-27	Show	GitHub Exploit DB Packet Storm

225969	5	警告	r2newsletter	-	R2 Newsletter におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2602	2012-12-20 19:10	2009-07-27	Show	GitHub Exploit DB Packet Storm

225970	7.5	危険	radscripts	-	RadCLASSIFIEDS Gold の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2599	2012-12-20 19:10	2009-07-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211611	6.1	MEDIUM Network	redhat	keycloak single_sign-on	A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or furt…	CWE-79 Cross-site Scripting	CVE-2020-10748	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

211612	4.3	MEDIUM Network	redhat	openshift	A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the…	CWE-20 Improper Input Validation	CVE-2020-10715	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

211613	7.3	HIGH Local	postgresql	postgresql	The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working…	CWE-426 Untrusted Search Path	CVE-2020-10733	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

211614	8.8	HIGH Network	vtenext	vtenext	A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts.	CWE-352 Origin Validation Error	CVE-2020-10229	2024-11-21 13:55	2020-09-15	Show	GitHub Exploit DB Packet Storm

211615	8.8	HIGH Network	vtenext	vtenext	A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-10228	2024-11-21 13:55	2020-09-15	Show	GitHub Exploit DB Packet Storm

211616	6.1	MEDIUM Network	vtenext	vtenext	A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email.	CWE-79 Cross-site Scripting	CVE-2020-10227	2024-11-21 13:55	2020-09-15	Show	GitHub Exploit DB Packet Storm

211617	5.5	MEDIUM Local	linux	linux_kernel	A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.	CWE-416 Use After Free	CVE-2020-10720	2024-11-21 13:55	2020-09-4	Show	GitHub Exploit DB Packet Storm

211618	8.8	HIGH Network	github	github	A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers use…	NVD-CWE-noinfo	CVE-2020-10518	2024-11-21 13:55	2020-08-28	Show	GitHub Exploit DB Packet Storm

211619	4.3	MEDIUM Network	github	github	An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given …	NVD-CWE-noinfo	CVE-2020-10517	2024-11-21 13:55	2020-08-28	Show	GitHub Exploit DB Packet Storm

211620	6.8	MEDIUM Physics	sintef	urx	Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the ov…	CWE-269 Improper Privilege Management	CVE-2020-10290	2024-11-21 13:55	2020-08-22	Show	GitHub Exploit DB Packet Storm