Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
226291 4.7 警告 Linux - AMD K7 および K8 プラットフォーム上で稼働する Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-1438 2014-01-22 16:03 2014-01-15 Show GitHub Exploit DB Packet Storm
226292 9.3 危険 Hexagon - Intergraph ERDAS ER Viewer の ermapper_u.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2013-3483 2014-01-22 14:56 2013-05-27 Show GitHub Exploit DB Packet Storm
226293 9.3 危険 Hexagon - Intergraph ERDAS ER Viewer の ermapper_u.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2013-3482 2014-01-22 14:54 2013-05-27 Show GitHub Exploit DB Packet Storm
226294 5 警告 Puppet
Canonical
オラクル
- Puppet における SSLv2 ダウングレード攻撃を実行される脆弱性 CWE-noinfo
情報不足
CVE-2013-1654 2014-01-22 14:17 2013-03-12 Show GitHub Exploit DB Packet Storm
226295 5 警告 ウェブセンス
オラクル
- Websense Email Security の SMTP コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2012-4605 2014-01-22 14:08 2012-08-23 Show GitHub Exploit DB Packet Storm
226296 7.8 危険 サイバートラスト株式会社
Apache Software Foundation
オラクル
- Apache Tomcat のデフォルト設定における SSL 通信により安全でない暗号スイートが適用される問題 CWE-DesignError
CVE-2007-1858 2014-01-22 13:56 2007-05-9 Show GitHub Exploit DB Packet Storm
226297 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
オラクル
レッドハット
- Mozilla Network Security Services (NSS) における SSLv2 サーバでのスタックオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2007-0009 2014-01-22 13:50 2007-02-26 Show GitHub Exploit DB Packet Storm
226298 6.8 警告 VMware - VMware vCloud Director におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-1211 2014-01-22 11:29 2014-01-16 Show GitHub Exploit DB Packet Storm
226299 3.3 注意 VMware - 複数の VMware 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2014-1208 2014-01-22 11:29 2014-01-16 Show GitHub Exploit DB Packet Storm
226300 4.3 警告 VMware - VMware ESXi および ESX におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2014-1207 2014-01-22 11:29 2014-01-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213541 6.1 MEDIUM
Network
online_examination_system_project online_examination_system Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php. CWE-79
Cross-site Scripting
CVE-2020-29257 2024-11-21 14:23 2020-12-10 Show GitHub Exploit DB Packet Storm
213542 7.5 HIGH
Network
plummac ik-401_firmware An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credenti… CWE-306
Missing Authentication for Critical Function
CVE-2020-28946 2024-11-21 14:23 2020-12-9 Show GitHub Exploit DB Packet Storm
213543 5.5 MEDIUM
Local
nlnetlabs
debian
unbound
name_server_daemon
debian_linux
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing … CWE-59
Link Following
CVE-2020-28935 2024-11-21 14:23 2020-12-8 Show GitHub Exploit DB Packet Storm
213544 6.1 MEDIUM
Network
seeddms seeddms Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. CWE-79
Cross-site Scripting
CVE-2020-28727 2024-11-21 14:23 2020-12-7 Show GitHub Exploit DB Packet Storm
213545 7.8 HIGH
Local
kaspersky anti-ransomware_tool The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. CWE-427
 Uncontrolled Search Path Element
CVE-2020-28950 2024-11-21 14:23 2020-12-5 Show GitHub Exploit DB Packet Storm
213546 5.5 MEDIUM
Local
qemu
debian
qemu
debian_linux
hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-28916 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
213547 2.7 LOW
Network
lightbend play_framework An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior … NVD-CWE-Other
CVE-2020-28923 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
213548 7.2 HIGH
Network
openclinic_project openclinic OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2020-28939 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
213549 5.4 MEDIUM
Network
openclinic_project openclinic OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. CWE-79
Cross-site Scripting
CVE-2020-28938 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
213550 7.5 HIGH
Network
openclinic_project openclinic OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Prot… CWE-306
CWE-425
Missing Authentication for Critical Function
 Direct Request ('Forced Browsing')
CVE-2020-28937 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm