Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226181 9.3 危険 マイクロソフト - Microsoft .NET Framework の Windows Forms コンポーネントにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0002 2013-01-16 15:01 2013-01-8 Show GitHub Exploit DB Packet Storm
226182 9.3 危険 マイクロソフト - Microsoft .NET Framework の S.DS.P 名前空間メソッドにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0003 2013-01-16 15:01 2013-01-8 Show GitHub Exploit DB Packet Storm
226183 7.8 危険 マイクロソフト - Microsoft .NET Framework および Windows Server 2012 におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0005 2013-01-16 14:59 2013-01-8 Show GitHub Exploit DB Packet Storm
226184 3.5 注意 OpenStack - OpenStack Keystone における承認の制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-5571 2013-01-16 14:44 2012-11-28 Show GitHub Exploit DB Packet Storm
226185 5.8 警告 Orchard Project - Orchard の Users/Account/LogOff におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5252 2013-01-16 14:31 2011-12-21 Show GitHub Exploit DB Packet Storm
226186 4.3 警告 レッドハット - JBoss Application Server 用 IronJacamar コンテナにおけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-3428 2013-01-15 17:56 2012-08-2 Show GitHub Exploit DB Packet Storm
226187 2.1 注意 オラクル - Oracle Mojarra におけるコンテキスト情報を取得される脆弱性 CWE-DesignError
CVE-2012-2672 2013-01-15 17:54 2012-06-17 Show GitHub Exploit DB Packet Storm
226188 10 危険 Apache Software Foundation - Apache CXF における脆弱性 CWE-noinfo
情報不足 		CVE-2012-2379 2013-01-15 17:53 2012-05-14 Show GitHub Exploit DB Packet Storm
226189 4.3 警告 Apache Software Foundation - Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0455 2013-01-15 17:51 2008-01-24 Show GitHub Exploit DB Packet Storm
226190 4.4 警告 rssh - rssh におけるシェルのアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2012-2252 2013-01-15 14:59 2012-11-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213581 9.8 CRITICAL
Network 		draytek vigor300b_firmware
vigor3900_firmware
vigor2960_firmware 		A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve co… CWE-787
 Out-of-bounds Write 		CVE-2020-10825 2024-11-21 13:56 2020-03-27 Show GitHub Exploit DB Packet Storm
213582 9.8 CRITICAL
Network 		draytek vigor300b_firmware
vigor3900_firmware
vigor2960_firmware 		A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution v… CWE-787
 Out-of-bounds Write 		CVE-2020-10824 2024-11-21 13:56 2020-03-27 Show GitHub Exploit DB Packet Storm
213583 9.8 CRITICAL
Network 		draytek vigor300b_firmware
vigor3900_firmware
vigor2960_firmware 		A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via … CWE-787
 Out-of-bounds Write 		CVE-2020-10823 2024-11-21 13:56 2020-03-27 Show GitHub Exploit DB Packet Storm
213584 8.8 HIGH
Network 		fasterxml
debian
netapp
oracle 		jackson-databind
debian_linux
steelstore_cloud_integrated_storage
retail_xstore_point_of_service
primavera_unifier
retail_service_backbone
weblogic_server
retail_merchandising_sy… 		FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-10969 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm
213585 8.8 HIGH
Network 		fasterxml
debian
netapp
oracle 		jackson-databind
debian_linux
steelstore_cloud_integrated_storage
retail_xstore_point_of_service
primavera_unifier
retail_service_backbone
weblogic_server
retail_merchandising_sy… 		FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). CWE-502
 Deserialization of Untrusted Data 		CVE-2020-10968 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm
213586 6.5 MEDIUM
Network 		hestiacp
vestacp 		control_panel In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel before 1.1.1, Host header manipulation leads to account takeover because the victim receives a reset URL … NVD-CWE-Other
CVE-2020-10966 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm
213587 8.1 HIGH
Network 		teradici pcoip_management_console Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when t… CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function 		CVE-2020-10965 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm
213588 9.8 CRITICAL
Network 		s9y serendipity Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10964 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm
213589 7.2 HIGH
Network 		frozennode laravel-administrator FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10963 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm
213590 9.8 CRITICAL
Network 		tp-link ac1750_firmware This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this … CWE-287
Improper Authentication 		CVE-2020-10888 2024-11-21 13:56 2020-03-26 Show GitHub Exploit DB Packet Storm