Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226371	2.6	注意	コンクリートファイブ	-	concrete5 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5181	2013-02-20 16:01	2012-12-21	Show	GitHub Exploit DB Packet Storm

226372	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0008	2013-02-20 14:31	2013-01-8	Show	GitHub Exploit DB Packet Storm

226373	7.5	危険	Google	-	Linux 上で稼働する Google Chrome における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0838	2013-02-20 13:41	2013-01-10	Show	GitHub Exploit DB Packet Storm

226374	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-0837	2013-02-20 13:40	2013-01-10	Show	GitHub Exploit DB Packet Storm

226375	6.8	警告	Google	-	Google Chrome で使用される Google V8 におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-0836	2013-02-20 13:39	2013-01-10	Show	GitHub Exploit DB Packet Storm

226376	5	警告	Google	-	Google Chrome の Geolocation の実装におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2013-0835	2013-02-20 13:37	2013-01-10	Show	GitHub Exploit DB Packet Storm

226377	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2013-0834	2013-02-20 13:36	2013-01-10	Show	GitHub Exploit DB Packet Storm

226378	5	警告	Google	-	Google Chrome のサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2013-0833	2013-02-20 13:35	2013-01-10	Show	GitHub Exploit DB Packet Storm

226379	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-0832	2013-02-20 13:31	2013-01-10	Show	GitHub Exploit DB Packet Storm

226380	7.5	危険	Google	-	Google Chrome におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0831	2013-02-20 13:30	2013-01-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209741	5.4	MEDIUM Network	altn	mdaemon_webmail	Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an attacker to execute code on the email recipient side while forwarding an email to perform potentially ma…	CWE-79 Cross-site Scripting	CVE-2020-18723	2024-11-21 14:08	2021-02-4	Show	GitHub Exploit DB Packet Storm

209742	9.8	CRITICAL Network	apache	shiro	Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.	CWE-287 Improper Authentication	CVE-2020-17523	2024-11-21 14:08	2021-02-4	Show	GitHub Exploit DB Packet Storm

209743	7.5	HIGH Network	apache	cassandra	Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internode_encryption setting, allows both encrypted and unencrypted intern…	CWE-290 Authentication Bypass by Spoofing	CVE-2020-17516	2024-11-21 14:08	2021-02-4	Show	GitHub Exploit DB Packet Storm

209744	9.8	CRITICAL Network	dlink	dsr-250_firmware dsr-1000n_firmware	The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which can cause remote command execution.	CWE-78 OS Command	CVE-2020-18568	2024-11-21 14:08	2021-02-2	Show	GitHub Exploit DB Packet Storm

209745	5.8	MEDIUM Network	apache	traffic_control	When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary conten…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-17522	2024-11-21 14:08	2021-01-27	Show	GitHub Exploit DB Packet Storm

209746	8.8	HIGH Network	apache	java_chassis	When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3…	CWE-502 Deserialization of Untrusted Data	CVE-2020-17532	2024-11-21 14:08	2021-01-25	Show	GitHub Exploit DB Packet Storm

209747	7.0	HIGH Local	apache	html\/java_api	There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in `webkit` subproject of HTML/Java API version 1.7. A similar vulnerability has r…	CWE-362 Race Condition	CVE-2020-17534	2024-11-21 14:08	2021-01-12	Show	GitHub Exploit DB Packet Storm

209748	7.5	HIGH Network	apache	traffic_server	ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 …	CWE-444 HTTP Request Smuggling	CVE-2020-17509	2024-11-21 14:08	2021-01-11	Show	GitHub Exploit DB Packet Storm

209749	7.5	HIGH Network	apache	traffic_server	The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.	NVD-CWE-noinfo	CVE-2020-17508	2024-11-21 14:08	2021-01-11	Show	GitHub Exploit DB Packet Storm

209750	7.2	HIGH Network	barco	transform_n	The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authentica…	CWE-77 Command Injection	CVE-2020-17504	2024-11-21 14:08	2021-01-9	Show	GitHub Exploit DB Packet Storm