Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226291	4.3	警告	phpMyFAQ	-	phpMyFAQ の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4780	2012-12-20 19:28	2009-12-1	Show	GitHub Exploit DB Packet Storm

226292	6.8	警告	Ubercart	-	Drupal 用の Ubercart モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4773	2012-12-20 19:28	2009-11-18	Show	GitHub Exploit DB Packet Storm

226293	4.3	警告	Ubercart	-	Drupal 用の Ubercart モジュールにおける重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2009-4772	2012-12-20 19:28	2009-11-18	Show	GitHub Exploit DB Packet Storm

226294	5	警告	Ubercart	-	Drupal 用の Ubercart モジュールにおける不特定の "複製操作" を誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2009-4771	2012-12-20 19:28	2009-11-18	Show	GitHub Exploit DB Packet Storm

226295	9	危険	Codeorigin	-	Sysax Multi Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4790	2012-12-20 19:28	2010-04-22	Show	GitHub Exploit DB Packet Storm

226296	7.2	危険	tukeva	-	TUKEVA Password Reminder における資格情報を発見される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-4781	2012-12-20 19:28	2010-04-21	Show	GitHub Exploit DB Packet Storm

226297	7.5	危険	robert garrigos	-	NukeHall における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4779	2012-12-20 19:28	2010-04-21	Show	GitHub Exploit DB Packet Storm

226298	4.3	警告	Plohni	-	Plohni Shoutbox の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4767	2012-12-20 19:28	2010-04-20	Show	GitHub Exploit DB Packet Storm

226299	5	警告	yasirpro	-	YP Portal MS-Pro Surumu におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4766	2012-12-20 19:28	2010-04-13	Show	GitHub Exploit DB Packet Storm

226300	6.8	警告	phpmyvisites	-	phpMyVisites に使用されている ClickHeat プラグインにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-4763	2012-12-20 19:28	2010-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196861	9.8	CRITICAL Network	prosody debian	mod_auth_ldap2 mod_auth_ldap debian_linux	The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only fu…	CWE-863 Incorrect Authorization	CVE-2020-8086	2024-11-21 14:38	2020-01-29	Show	GitHub Exploit DB Packet Storm

196862	5.4	MEDIUM Network	liferay	liferay_portal	In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify…	CWE-79 Cross-site Scripting	CVE-2020-7934	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196863	8.8	HIGH Network	super_file_explorer_project	super_file_explorer	An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the r…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-7998	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196864	6.1	MEDIUM Network	asus	rt-ac66u_firmware	ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.	CWE-79 Cross-site Scripting	CVE-2020-7997	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196865	6.1	MEDIUM Network	typo3	typo3	svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/…	CWE-79 Cross-site Scripting	CVE-2020-8091	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196866	4.8	MEDIUM Network	a1	wlan_box_adb_vv2220_firmware	The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).	CWE-79 Cross-site Scripting	CVE-2020-8090	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196867	9.8	CRITICAL Network	usebb	usebb	panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numeric…	NVD-CWE-noinfo	CVE-2020-8088	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196868	9.8	CRITICAL Network	smc	d3g0804w_firmware	SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must us…	CWE-20 Improper Input Validation	CVE-2020-8087	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196869	7.8	HIGH Local	valvesoftware	dota_2	rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a cra…	NVD-CWE-noinfo	CVE-2020-7952	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196870	7.8	HIGH Local	valvesoftware	dota_2	meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted …	CWE-787 Out-of-bounds Write	CVE-2020-7951	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm