Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226371 7.5 危険 flex project - Fast Lexical Analyzer Generator における脆弱性 CWE-noinfo
情報不足 		CVE-2010-0634 2012-12-20 19:28 2010-02-12 Show GitHub Exploit DB Packet Storm
226372 7.5 危険 webguerilla - Joomla! 用の Photoblog コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0610 2012-12-20 19:28 2010-02-11 Show GitHub Exploit DB Packet Storm
226373 4.3 警告 sterlitetechnologies - Sterlite SAM300 AX Router の Forms/status_statistics_1 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0607 2012-12-20 19:28 2010-02-11 Show GitHub Exploit DB Packet Storm
226374 7.5 危険 サン・マイクロシステムズ - Oracle OpenSolaris のデフォルト設定における脆弱性 CWE-16
環境設定 		CVE-2010-0559 2012-12-20 19:28 2010-01-25 Show GitHub Exploit DB Packet Storm
226375 7.5 危険 サン・マイクロシステムズ - Oracle OpenSolaris のデフォルト設定における脆弱性 CWE-16
環境設定 		CVE-2010-0558 2012-12-20 19:28 2010-01-25 Show GitHub Exploit DB Packet Storm
226376 5 警告 Xerox - Xerox WorkCentre 6400 System Software および Net Controller の Network Controller における "ディレクトリ構造" へアクセスされる脆弱性 CWE-200
情報漏えい 		CVE-2010-0549 2012-12-20 19:28 2010-01-22 Show GitHub Exploit DB Packet Storm
226377 5 警告 Xerox - Xerox WorkCentre 5632 などにおけるメールボックスへアクセスされる脆弱性 CWE-200
情報漏えい 		CVE-2010-0548 2012-12-20 19:28 2010-01-22 Show GitHub Exploit DB Packet Storm
226378 4.3 警告 SugarCRM - SugarCRM のオンライン Documents 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0465 2012-12-20 19:28 2010-03-19 Show GitHub Exploit DB Packet Storm
226379 5 警告 Roundcube.net - Roundcube における Web メールユーザのネットワークロケーションを特定される脆弱性 CWE-200
情報漏えい 		CVE-2010-0464 2012-12-20 19:28 2010-01-29 Show GitHub Exploit DB Packet Storm
226380 7.5 危険 yoflash - Joomla! 用の Mochigames における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0459 2012-12-20 19:28 2010-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213791 7.8 HIGH
Local 		cmsmadesimple cms_made_simple The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/o… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10682 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213792 5.4 MEDIUM
Network 		cmsmadesimple cms_made_simple The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd file, as demonstrated by m1_files[] to admin/moduleinterface.php. CWE-79
Cross-site Scripting 		CVE-2020-10681 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213793 7.5 HIGH
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's we… CWE-287
Improper Authentication 		CVE-2020-10669 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213794 8.8 HIGH
Network 		canon oce_colorwave_500_firmware The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a log… CWE-352
 Origin Validation Error 		CVE-2020-10671 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213795 6.1 MEDIUM
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the l… CWE-79
Cross-site Scripting 		CVE-2020-10670 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213796 6.1 MEDIUM
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version. CWE-79
Cross-site Scripting 		CVE-2020-10668 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213797 6.1 MEDIUM
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. The vulnerable parameter is map(template_name). N… CWE-79
Cross-site Scripting 		CVE-2020-10667 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213798 8.8 HIGH
Network 		octopus octopus_deploy In Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to their Octopus server, an authenticated user can leverage a bug to escalate privileges. NVD-CWE-noinfo
CVE-2020-10678 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
213799 7.5 HIGH
Network 		jsonparser_project
fedoraproject 		jsonparser
fedora 		The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-10675 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm
213800 7.8 HIGH
Local 		denx
opensuse 		u-boot
leap 		Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default con… CWE-20
 Improper Input Validation  		CVE-2020-10648 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm