Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226611	7.5	危険	Secure Ideas	-	BASE の base_local_rules.php における任意のフォーカルファイルをインクルードされる脆弱性	CWE-noinfo 情報不足	CVE-2009-4592	2012-12-20 19:28	2009-10-4	Show	GitHub Exploit DB Packet Storm

226612	7.5	危険	Secure Ideas	-	BASE における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4591	2012-12-20 19:28	2009-10-4	Show	GitHub Exploit DB Packet Storm

226613	4.3	警告	Secure Ideas	-	BASE の base_local_rules.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4590	2012-12-20 19:28	2009-10-4	Show	GitHub Exploit DB Packet Storm

226614	5	警告	unleashedmind	-	Drupal 用の Image Assist モジュールにおける任意のノードタイトルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4558	2012-12-20 19:28	2009-07-15	Show	GitHub Exploit DB Packet Storm

226615	2.1	注意	unleashedmind	-	Drupal 用の Image Assist モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4557	2012-12-20 19:28	2009-07-15	Show	GitHub Exploit DB Packet Storm

226616	4.3	警告	viart	-	ViArt Helpdesk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4548	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

226617	4.3	警告	viart	-	ViArt CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4547	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

226618	4.3	警告	SQLiteManager	-	SQLiteManager の main.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4539	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

226619	4	警告	vsecurity	-	TANDBERG Video Communication Server (VCS) が稼動している Web 管理インターフェースにおけるディレクトリトラバーサルの脆弱性	CWE-200 情報漏えい	CVE-2009-4511	2012-12-20 19:28	2010-04-9	Show	GitHub Exploit DB Packet Storm

226620	8.5	危険	vsecurity	-	TANDBERG VCS 上で稼動している SSH サービスにおける任意のサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2009-4510	2012-12-20 19:28	2010-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210181	7.8	HIGH Local	freedroid	freedroidrpg	An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, l…	CWE-20 Improper Input Validation	CVE-2020-14939	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210182	9.8	CRITICAL Network	freedroid	freedroidrpg	An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size ve…	CWE-787 Out-of-bounds Write	CVE-2020-14938	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210183	4.3	MEDIUM Network	globalradar	bsa_radar	downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, …	CWE-22 Path Traversal	CVE-2020-14946	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210184	8.8	HIGH Network	globalradar	bsa_radar	A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator ri…	NVD-CWE-noinfo	CVE-2020-14945	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210185	9.8	CRITICAL Network	globalradar	bsa_radar	Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. Th…	CWE-862 Missing Authorization	CVE-2020-14944	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210186	5.4	MEDIUM Network	globalradar	bsa_radar	The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile.	CWE-79 Cross-site Scripting	CVE-2020-14943	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210187	7.1	HIGH Local	iobit	advanced_systemcare	IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic lin…	CWE-59 Link Following	CVE-2020-14990	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210188	9.8	CRITICAL Network	chocolate-doom opensuse	crispy_doom chocolate_doom leap backports	The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.	CWE-120 Classic Buffer Overflow	CVE-2020-14983	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210189	5.9	MEDIUM Network	vipre	password_vault	The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation.	CWE-295 Improper Certificate Validation	CVE-2020-14981	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm

210190	5.9	MEDIUM Network	sophos	sophos_secure_email	The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation.	CWE-295 Improper Certificate Validation	CVE-2020-14980	2024-11-21 14:04	2020-06-23	Show	GitHub Exploit DB Packet Storm