Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226611 6.5 警告 Plume CMS - Plume CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3418 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
226612 4.3 警告 Plohni - An image gallery におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3367 2012-12-20 19:28 2009-09-24 Show GitHub Exploit DB Packet Storm
226613 5 警告 Plohni - An image gallery の navigation.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3366 2012-12-20 19:28 2009-09-24 Show GitHub Exploit DB Packet Storm
226614 7.5 危険 traza - Aurora CMS の add-ons/modules/sysmanager/plugins/install.plugin.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3365 2012-12-20 19:28 2009-09-24 Show GitHub Exploit DB Packet Storm
226615 4.3 警告 ufku bayburt - Drupal 用の BUEditor モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3363 2012-12-20 19:28 2009-09-9 Show GitHub Exploit DB Packet Storm
226616 7.5 危険 sznews - SZNews の printnews.php3 における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3362 2012-12-20 19:28 2009-09-24 Show GitHub Exploit DB Packet Storm
226617 7.5 危険 tourismscripts - Tourism Scripts Adult Portal エスコートリストの profile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3358 2012-12-20 19:28 2009-09-24 Show GitHub Exploit DB Packet Storm
226618 7.5 危険 Plohni - Image voting の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3356 2012-12-20 19:28 2009-09-24 Show GitHub Exploit DB Packet Storm
226619 10 危険 Steve Lockwood - Drupal 用の Node2Node モジュールにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3353 2012-12-20 19:28 2009-09-9 Show GitHub Exploit DB Packet Storm
226620 10 危険 roshan shah - Drupal 用の Quota by role モジュールにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3352 2012-12-20 19:28 2009-09-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196511 7.4 HIGH
Network 		nextcloud social Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack. CWE-295
Improper Certificate Validation  		CVE-2020-8279 2024-11-21 14:38 2020-11-19 Show GitHub Exploit DB Packet Storm
196512 5.3 MEDIUM
Network 		nextcloud social Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user. CWE-863
 Incorrect Authorization 		CVE-2020-8278 2024-11-21 14:38 2020-11-19 Show GitHub Exploit DB Packet Storm
196513 7.5 HIGH
Network 		nodejs
fedoraproject
oracle
c-ares_project 		node.js
fedora
graalvm
retail_xstore_point_of_service
jd_edwards_enterpriseone_tools
mysql_cluster
blockchain_platform
c-ares 		A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the appli… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8277 2024-11-21 14:38 2020-11-19 Show GitHub Exploit DB Packet Storm
196514 8.8 HIGH
Network 		citrix sd-wan Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8. CWE-78
OS Command  		CVE-2020-8273 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm
196515 7.5 HIGH
Network 		citrix sd-wan Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 CWE-287
Improper Authentication 		CVE-2020-8272 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm
196516 9.8 CRITICAL
Network 		citrix sd-wan Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 CWE-22
Path Traversal 		CVE-2020-8271 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm
196517 8.8 HIGH
Network 		citrix virtual_apps_and_desktops An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 ho… CWE-78
OS Command  		CVE-2020-8270 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm
196518 8.8 HIGH
Network 		citrix xendesktop
xenapp
virtual_apps_and_desktops 		An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 … CWE-269
 Improper Privilege Management 		CVE-2020-8269 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm
196519 8.1 HIGH
Network 		nextcloud nextcloud_server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys. CWE-522
 Insufficiently Protected Credentials 		CVE-2020-8259 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm
196520 4.4 MEDIUM
Local 		nextcloud nextcloud_server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on. CWE-522
 Insufficiently Protected Credentials 		CVE-2020-8152 2024-11-21 14:38 2020-11-16 Show GitHub Exploit DB Packet Storm