Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226591	6	警告	guybedford	-	Drupal 用 Live CSS モジュールにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2013-0206	2013-03-22 16:13	2013-01-9	Show	GitHub Exploit DB Packet Storm

226592	6.8	警告	Klaus Purer	-	Drupal 用 RESTful Web Services モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0205	2013-03-22 16:13	2013-01-16	Show	GitHub Exploit DB Packet Storm

226593	3.6	注意	レッドハット	-	libvirt におけるファイルを上書きされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1766	2013-03-22 16:08	2013-03-20	Show	GitHub Exploit DB Packet Storm

226594	5	警告	ZoneMinder	-	ZoneMinder におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0332	2013-03-22 15:52	2011-05-30	Show	GitHub Exploit DB Packet Storm

226595	7.5	危険	ZoneMinder	-	ZoneMinder の includes/functions.php における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-0232	2013-03-22 15:51	2013-01-25	Show	GitHub Exploit DB Packet Storm

226596	5.1	警告	David King	-	Vino における UPnP ルータのポートがオープンになる問題	CWE-Other その他	CVE-2011-1165	2013-03-22 14:43	2013-03-12	Show	GitHub Exploit DB Packet Storm

226597	4.6	警告	David King	-	Vino における外部ネットワークに接続される脆弱性	CWE-16 環境設定	CVE-2011-1164	2013-03-22 14:24	2013-03-12	Show	GitHub Exploit DB Packet Storm

226598	6	警告	Samba Project	-	Samba における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1863	2013-03-22 13:50	2013-03-19	Show	GitHub Exploit DB Packet Storm

226599	5	警告	シトリックス・システムズ	-	Citrix Access Gateway Standard Edition における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2263	2013-03-22 13:46	2013-03-5	Show	GitHub Exploit DB Packet Storm

226600	7.2	危険	アップル	-	Apple iOS および Apple TV のカーネルにおける権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2013-0981	2013-03-22 12:30	2013-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209131	9.8	CRITICAL Network	heybbs_project	heybbs	Heybbs v1.2 has a SQL injection vulnerability in login.php file via the username parameter which may allow a remote attacker to execute arbitrary code.	CWE-89 SQL Injection	CVE-2020-25006	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209132	9.8	CRITICAL Network	heybbs_project	heybbs	Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code.	CWE-89 SQL Injection	CVE-2020-25005	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209133	9.8	CRITICAL Network	heybbs_project	heybbs	Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ID parameter which may allow a remote attacker to execute arbitrary code.	CWE-89 SQL Injection	CVE-2020-25004	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209134	6.5	MEDIUM Network	xmlsoft debian fedoraproject opensuse netapp oracle	libxml2 debian_linux fedora leap snapdrive clustered_data_ontap clustered_data_ontap_antivirus_connector active_iq_unified_manager manageability_software_development_kit in…	GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.	CWE-125 Out-of-bounds Read	CVE-2020-24977	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209135	9.8	CRITICAL Network	pancakeapp	pancake	Use of a hard-coded cryptographic key in Pancake versions < 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation.	CWE-798 Use of Hard-coded Credentials	CVE-2020-24876	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209136	7.2	HIGH Network	maracms	maracms	An arbitrary file upload issue exists in Mara CMS 7.5. In order to exploit this, an attacker must have a valid authenticated (admin/manager) session and make a codebase/dir.php?type=filenew request t…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-25042	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209137	7.2	HIGH Network	autoptimize	autoptimize	The ao_ccss_import AJAX call in Autoptimize Wordpress Plugin 2.7.6 does not ensure that the file provided is a legitimate Zip file, allowing high privilege users to upload arbitrary files, such as PH…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-24948	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209138	5.5	MEDIUM Local	midnightbsd freebsd	midnightbsd freebsd	A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger …	CWE-787 Out-of-bounds Write	CVE-2020-24863	2024-11-21 14:16	2020-09-4	Show	GitHub Exploit DB Packet Storm

209139	8.8	HIGH Network	php-fusion	php-fusion	Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE).	NVD-CWE-noinfo	CVE-2020-24949	2024-11-21 14:16	2020-09-3	Show	GitHub Exploit DB Packet Storm

209140	7.8	HIGH Local	kaspersky	security_center_web_console security_center	Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privi…	CWE-427 Uncontrolled Search Path Element	CVE-2020-25045	2024-11-21 14:16	2020-09-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed