Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226171 4.3 警告 stefan auditor - Drupal 用の vCard モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3779 2012-12-20 19:28 2009-10-21 Show GitHub Exploit DB Packet Storm
226172 7.5 危険 santostefano giovanni - ToyLog の read.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3750 2012-12-20 19:28 2009-10-22 Show GitHub Exploit DB Packet Storm
226173 5 警告 ウェブセンス - Websense Personal Email Manager および Email Security の Web Administrator サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-3749 2012-12-20 19:28 2009-10-22 Show GitHub Exploit DB Packet Storm
226174 4.3 警告 ウェブセンス - Websense Personal Email Manager および Email Security の Web Administrator におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3748 2012-12-20 19:28 2009-10-22 Show GitHub Exploit DB Packet Storm
226175 4.3 警告 tbmnet - TBmnetCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3747 2012-12-20 19:28 2009-10-22 Show GitHub Exploit DB Packet Storm
226176 10 危険 riorey - RioRey RIOS における権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-3710 2012-12-20 19:28 2009-10-16 Show GitHub Exploit DB Packet Storm
226177 5 警告 zoiper - ZoIPer におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-3704 2012-12-20 19:28 2009-10-16 Show GitHub Exploit DB Packet Storm
226178 7.5 危険 php-calendar project - PHP-Calendar における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3702 2012-12-20 19:28 2009-12-22 Show GitHub Exploit DB Packet Storm
226179 5 警告 squidguard - squidGuard の sgLog.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3700 2012-12-20 19:28 2009-10-28 Show GitHub Exploit DB Packet Storm
226180 7.5 危険 The phpMyAdmin Project - phpMyAdmin の PDF スキーマジェネレータ機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3697 2012-12-20 19:28 2009-10-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200141 6.1 MEDIUM
Network 		tribalsystems zenario A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. Affected by this issue is some unknown functionality of the file admin_organizer.js of the componen… CWE-79
Cross-site Scripting 		CVE-2020-36608 2024-11-21 14:29 2022-11-3 Show GitHub Exploit DB Packet Storm
200142 7.1 HIGH
Local 		apple iphone_os
watchos
icloud
tvos
ipados
itunes
macos 		An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes f… CWE-125
Out-of-bounds Read 		CVE-2020-36521 2024-11-21 14:29 2022-09-24 Show GitHub Exploit DB Packet Storm
200143 8.1 HIGH
Network 		hapijs hoek hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-36604 2024-11-21 14:29 2022-09-23 Show GitHub Exploit DB Packet Storm
200144 6.1 MEDIUM
Physics 		huawei 576up005_hota-cm-h-shark-bd_firmware
577hota-cm-h-shark-bd_firmware
581up-hota-cm-h-shark-bd_firmware
586-hota-cm-h-shark-bd_firmware
588-hota-cm-h-shark-bd_firmware
606-hota-cm-h-shar… 		There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends … CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2020-36602 2024-11-21 14:29 2022-09-21 Show GitHub Exploit DB Packet Storm
200145 7.5 HIGH
Network 		huawei magic_ui
emui 		Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot. CWE-787
 Out-of-bounds Write 		CVE-2020-36601 2024-11-21 14:29 2022-09-17 Show GitHub Exploit DB Packet Storm
200146 7.5 HIGH
Network 		huawei magic_ui
emui 		Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart. CWE-787
 Out-of-bounds Write 		CVE-2020-36600 2024-11-21 14:29 2022-09-17 Show GitHub Exploit DB Packet Storm
200147 6.5 MEDIUM
Local 		hoyoverse mhyprot2 The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary… NVD-CWE-noinfo
CVE-2020-36603 2024-11-21 14:29 2022-09-15 Show GitHub Exploit DB Packet Storm
200148 9.8 CRITICAL
Network 		omniauth omniauth lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value. CWE-116
 Improper Encoding or Escaping of Output 		CVE-2020-36599 2024-11-21 14:29 2022-08-19 Show GitHub Exploit DB Packet Storm
200149 5.4 MEDIUM
Network 		atlassian confluence_server
confluence_data_center 		The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to… CWE-79
Cross-site Scripting 		CVE-2020-36290 2024-11-21 14:29 2022-07-26 Show GitHub Exploit DB Packet Storm
200150 5.1 MEDIUM
Local 		linux linux_kernel A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. CWE-362
CWE-476
Race Condition
 NULL Pointer Dereference 		CVE-2020-36558 2024-11-21 14:29 2022-07-21 Show GitHub Exploit DB Packet Storm