Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226191 4.3 警告 radactive - RADactive I-Load の WebCoreModule.ashx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3450 2012-12-20 19:28 2009-09-29 Show GitHub Exploit DB Packet Storm
226192 6.8 警告 radactive - RADactive I-Load における任意のコードを実行される脆弱性 CWE-362
競合状態 		CVE-2009-3447 2012-12-20 19:28 2009-09-29 Show GitHub Exploit DB Packet Storm
226193 7.5 危険 rick estrada - Joomla! 用の MyRemote Video Gallery コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3446 2012-12-20 19:28 2009-09-28 Show GitHub Exploit DB Packet Storm
226194 7.5 危険 witchakorn kamolpornwijit - Joomla! 用の facebook コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3438 2012-12-20 19:28 2009-09-28 Show GitHub Exploit DB Packet Storm
226195 7.2 危険 サン・マイクロシステムズ - Sun Solaris Cluster の configuration utility における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3433 2012-12-20 19:28 2009-09-22 Show GitHub Exploit DB Packet Storm
226196 9.3 危険 pirateradio - Pirate Radio Destiny Media Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3429 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
226197 6.8 警告 zenas - Zenas PaoLink の login.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-3423 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
226198 6.8 警告 zenas - Zenas PaoLiber の login.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-3422 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
226199 6.8 警告 zenas - Zenas PaoBacheca Guestbook の login.php における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3421 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
226200 6.5 警告 Plume CMS - Plume CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3418 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200091 5.4 MEDIUM
Network 		lavalite lavalite A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload en… CWE-79
Cross-site Scripting 		CVE-2020-36396 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
200092 5.4 MEDIUM
Network 		lavalite lavalite A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload ent… CWE-79
Cross-site Scripting 		CVE-2020-36395 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
200093 8.8 HIGH
Network 		aomedia libavif libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid. CWE-787
 Out-of-bounds Write 		CVE-2020-36407 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200094 8.8 HIGH
Network 		uwebsockets_project uwebsockets uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue … CWE-787
 Out-of-bounds Write 		CVE-2020-36406 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200095 7.8 HIGH
Local 		keystone-engine keystone_engine Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken. CWE-416
 Use After Free 		CVE-2020-36405 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200096 7.8 HIGH
Local 		keystone-engine keystone Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl. CWE-763
 Release of Invalid Pointer or Reference 		CVE-2020-36404 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200097 8.8 HIGH
Network 		htslib htslib HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read). CWE-787
 Out-of-bounds Write 		CVE-2020-36403 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200098 7.8 HIGH
Local 		soliditylang solidity Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a co… CWE-787
 Out-of-bounds Write 		CVE-2020-36402 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200099 7.8 HIGH
Local 		mruby mruby mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free). CWE-415
 Double Free 		CVE-2020-36401 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
200100 9.8 CRITICAL
Network 		zeromq libzmq ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235. CWE-787
 Out-of-bounds Write 		CVE-2020-36400 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm