Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226281 4.9 警告 QNAP Systems - QNAP TS-239 Pro および TS-639 Pro における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2009-3279 2012-12-20 19:28 2009-09-21 Show GitHub Exploit DB Packet Storm
226282 4.9 警告 QNAP Systems - QNAP TS-239 Pro などにおける鍵を特定される脆弱性 CWE-310
暗号の問題 		CVE-2009-3278 2012-12-20 19:28 2009-09-21 Show GitHub Exploit DB Packet Storm
226283 5 警告 xenu by - datavault の DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-3277 2012-12-20 19:28 2009-09-21 Show GitHub Exploit DB Packet Storm
226284 7.5 危険 thomas cuchta - RQMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3259 2012-12-20 19:28 2009-09-18 Show GitHub Exploit DB Packet Storm
226285 9 危険 Vtiger - vtiger CRM における添付ファイルを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3258 2012-12-20 19:28 2009-03-6 Show GitHub Exploit DB Packet Storm
226286 6.8 警告 thomas cuchta - RQMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3255 2012-12-20 19:28 2009-09-18 Show GitHub Exploit DB Packet Storm
226287 9.3 危険 ultimatevideosite - Ultimate Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3254 2012-12-20 19:28 2009-09-18 Show GitHub Exploit DB Packet Storm
226288 9.3 危険 tricerasoft - TriceraSoft Swift Ultralite におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3253 2012-12-20 19:28 2009-09-18 Show GitHub Exploit DB Packet Storm
226289 9 危険 Vtiger - vtiger CRM の Compose Mail 機能における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-3250 2012-12-20 19:28 2009-09-18 Show GitHub Exploit DB Packet Storm
226290 7.5 危険 Vtiger - vtiger CRM におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3249 2012-12-20 19:28 2009-09-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210891 6.1 MEDIUM
Network 		gitlab gitlab A Stored Cross-Site Scripting vulnerability allowed the execution on Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1 CWE-79
Cross-site Scripting 		CVE-2020-13267 2024-11-21 14:00 2020-06-11 Show GitHub Exploit DB Packet Storm
210892 9.8 CRITICAL
Network 		anydesk anydesk AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. CWE-134
Use of Externally-Controlled Format String 		CVE-2020-13160 2024-11-21 14:00 2020-06-10 Show GitHub Exploit DB Packet Storm
210893 4.3 MEDIUM
Network 		gitlab gitlab Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions CWE-862
 Missing Authorization 		CVE-2020-13266 2024-11-21 14:00 2020-06-10 Show GitHub Exploit DB Packet Storm
210894 9.8 CRITICAL
Network 		codedropz drag_and_drop_multiple_file_upload_-_contact_form_7 The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-12800 2024-11-21 14:00 2020-06-9 Show GitHub Exploit DB Packet Storm
210895 6.5 MEDIUM
Network 		libreoffice
opensuse
fedoraproject 		libreoffice
leap
fedora 		ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable f… CWE-20
 Improper Input Validation  		CVE-2020-12803 2024-11-21 14:00 2020-06-9 Show GitHub Exploit DB Packet Storm
210896 7.5 HIGH
Network 		ui
w1.fi
asus
broadcom
canon
cisco
dlink
dell
epson
hp
huawei
nec
netgear
ruckussecurity
tp-link
zte
zyxel
microsoft
fedoraproject
debian
canonical 		unifi_controller
hostapd
rt-n11
adsl
selphy_cp1200
wap150
wap351
wap131
dvg-n5412sp
b1165nfw
ew-m970a3t
ep-101
xp-8500
xp-702
xp-340
xp-620
xp-320
x… 		The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualif… CWE-276
Incorrect Default Permissions  		CVE-2020-12695 2024-11-21 14:00 2020-06-9 Show GitHub Exploit DB Packet Storm
210897 5.3 MEDIUM
Network 		libreoffice
fedoraproject
opensuse 		libreoffice
fedora
leap 		LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who w… NVD-CWE-Other
CVE-2020-12802 2024-11-21 14:00 2020-06-9 Show GitHub Exploit DB Packet Storm
210898 8.8 HIGH
Network 		realtek adsl_router_soc_firmware A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the… NVD-CWE-noinfo
CVE-2020-12773 2024-11-21 14:00 2020-06-8 Show GitHub Exploit DB Packet Storm
210899 7.5 HIGH
Network 		perl
netapp
fedoraproject
opensuse
oracle 		perl
snap_creator_framework
oncommand_workflow_automation
fedora
leap
communications_eagle_lnp_application_processor
sd-wan_edge
enterprise_manager_base_platform
communication… 		regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. CWE-120
Classic Buffer Overflow 		CVE-2020-12723 2024-11-21 14:00 2020-06-6 Show GitHub Exploit DB Packet Storm
210900 5.4 MEDIUM
Network 		pydio cells Pydio Cells 2.0.4 allows any user to upload a profile image to the web application, including standard and shared user roles. These profile pictures can later be accessed directly with the generated … CWE-79
Cross-site Scripting 		CVE-2020-12849 2024-11-21 14:00 2020-06-5 Show GitHub Exploit DB Packet Storm