Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226031	4.3	警告	phpgroupware	-	phpGroupWare の login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4416	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

226032	7.5	危険	phpgroupware	-	phpGroupWare におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4415	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

226033	6.8	警告	phpgroupware	-	phpGroupWare の phpgwapi /inc/class.auth_sql.inc.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4414	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

226034	5	警告	pps.jussieu	-	Polipo の client.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2009-4413	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

226035	6	警告	s9y	-	Serendipity における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2009-4412	2012-12-20 19:28	2009-12-21	Show	GitHub Exploit DB Packet Storm

226036	3.7	注意	xfs	-	XFS acl の setfacl および getfacl コマンドにおける任意のファイルなど対する ACL を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4411	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

226037	4.3	警告	pyforum	-	PyForum および zForum の models.parser におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4408	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

226038	6.8	警告	pyforum	-	PyForum などにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4407	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

226039	4.3	警告	rumbacms	-	Rumba XML の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4403	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

226040	7.5	危険	sql-ledger	-	SQL-Ledger の初期設定における管理操作を実行される脆弱性	CWE-16 環境設定	CVE-2009-4402	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211311	8.8	HIGH Network	slack	nebula	Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can…	CWE-22 Path Traversal	CVE-2020-11498	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

211312	4.4	MEDIUM Local	linux opensuse debian canonical	linux_kernel leap debian_linux ubuntu_linux	An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive infor…	CWE-908 CWE-909 Use of Uninitialized Resource Missing Initialization of Resource	CVE-2020-11494	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

211313	4.9	MEDIUM Network	zevenet	zen_load_balancer	Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi.	CWE-22 Path Traversal	CVE-2020-11491	2024-11-21 13:58	2020-04-2	Show	GitHub Exploit DB Packet Storm

211314	7.2	HIGH Network	zevenet	zen_load_balancer	Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organiz…	CWE-78 OS Command	CVE-2020-11490	2024-11-21 13:58	2020-04-2	Show	GitHub Exploit DB Packet Storm

211315	6.1	MEDIUM Network	bell	home_hub_3000_firmware	An issue was discovered on Bell HomeHub 3000 SG48222070 devices. There is XSS related to the email field and the login page.	CWE-79 Cross-site Scripting	CVE-2020-11448	2024-11-21 13:57	2023-11-17	Show	GitHub Exploit DB Packet Storm

211316	4.3	MEDIUM Network	bell	home_hub_3000_firmware	An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is …	NVD-CWE-noinfo	CVE-2020-11447	2024-11-21 13:57	2023-11-17	Show	GitHub Exploit DB Packet Storm

211317	8.2	HIGH Local	qualcomm	ar8035_firmware qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca8337_firmware qca9984_firmware qcm2290_firmware qcm4290_firmware qcs2290_firmware …	An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S…	CWE-190 Integer Overflow or Wraparound	CVE-2020-11263	2024-11-21 13:57	2022-01-3	Show	GitHub Exploit DB Packet Storm

211318	8.6	HIGH Network	qualcomm	apq8009_firmware apq8053_firmware apq8064au_firmware apq8076_firmware apq8092_firmware apq8094_firmware apq8096au_firmware ar8031_firmware csr6030_firmware csra6620_firmwar…	Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sna…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2020-11303	2024-11-21 13:57	2021-10-20	Show	GitHub Exploit DB Packet Storm

211319	9.8	CRITICAL Network	qualcomm	apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmware csrb31024_firmware mdm9650_firmw…	Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sn…	CWE-287 Improper Authentication	CVE-2020-11264	2024-11-21 13:57	2021-09-8	Show	GitHub Exploit DB Packet Storm

211320	7.5	HIGH Network	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar7420_firmware ar8031_firmware ar8035_firmware ar9380_firmware	Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C…	CWE-287 Improper Authentication	CVE-2020-11301	2024-11-21 13:57	2021-09-8	Show	GitHub Exploit DB Packet Storm