Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226801 10 危険 zeroshell - ZeroShell の cgi-bin/kerbynet における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-0545 2012-12-20 19:10 2009-02-12 Show GitHub Exploit DB Packet Storm
226802 10 危険 pycrypto - PyCrypto ARC2 モジュールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0544 2012-12-20 19:10 2009-02-12 Show GitHub Exploit DB Packet Storm
226803 4.3 警告 scripts-for-sites - Scripts for Sites EZ Reminder の password.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0533 2012-12-20 19:10 2009-02-11 Show GitHub Exploit DB Packet Storm
226804 4.3 警告 scripts-for-sites - SFS EZ Baby の password.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0532 2012-12-20 19:10 2009-02-11 Show GitHub Exploit DB Packet Storm
226805 7.5 危険 rhadrix - Rhadrix If-CMS の frame.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0528 2012-12-20 19:10 2009-02-11 Show GitHub Exploit DB Packet Storm
226806 10 危険 phpslash - phpSlash の index.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0517 2012-12-20 19:10 2009-02-10 Show GitHub Exploit DB Packet Storm
226807 6.8 警告 yanocc - YANOCC の check_lang.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-0515 2012-12-20 19:10 2009-02-10 Show GitHub Exploit DB Packet Storm
226808 7.5 危険 webframe - WebFrame におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-0514 2012-12-20 19:10 2009-02-10 Show GitHub Exploit DB Packet Storm
226809 7.5 危険 webframe - WebFrame における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0513 2012-12-20 19:10 2009-02-10 Show GitHub Exploit DB Packet Storm
226810 10 危険 simpleircbot - SimpleIrcBot における脆弱性 CWE-287
不適切な認証 		CVE-2009-0492 2012-12-20 19:10 2009-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210261 7.8 HIGH
Local 		qbik wingate WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-13866 2024-11-21 14:02 2020-06-9 Show GitHub Exploit DB Packet Storm
210262 7.3 HIGH
Local 		solarwinds advanced_monitoring_agent SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-13912 2024-11-21 14:02 2020-06-8 Show GitHub Exploit DB Packet Storm
210263 9.1 CRITICAL
Network 		pengutronix barebox Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds che… CWE-125
Out-of-bounds Read 		CVE-2020-13910 2024-11-21 14:02 2020-06-8 Show GitHub Exploit DB Packet Storm
210264 9.8 CRITICAL
Network 		facade ignition The Ignition component before 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env. NOTE: in the 1.x series, versions 1.16.15 and later are unaffected as a consequence of the CVE-2021… NVD-CWE-noinfo
CVE-2020-13909 2024-11-21 14:02 2020-06-8 Show GitHub Exploit DB Packet Storm
210265 5.5 MEDIUM
Local 		ffmpeg
canonical
debian 		ffmpeg
ubuntu_linux
debian_linux 		FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_inp… CWE-416
 Use After Free 		CVE-2020-13904 2024-11-21 14:02 2020-06-8 Show GitHub Exploit DB Packet Storm
210266 7.1 HIGH
Local 		imagemagick imagemagick ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding. CWE-125
Out-of-bounds Read 		CVE-2020-13902 2024-11-21 14:02 2020-06-8 Show GitHub Exploit DB Packet Storm
210267 6.1 MEDIUM
Network 		hesk hesk HESK before 3.1.10 allows reflected XSS. CWE-79
Cross-site Scripting 		CVE-2020-13897 2024-11-21 14:02 2020-06-7 Show GitHub Exploit DB Packet Storm
210268 8.8 HIGH
Network 		p5-crypt-perl_project p5-crypt-perl Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-13895 2024-11-21 14:02 2020-06-7 Show GitHub Exploit DB Packet Storm
210269 7.5 HIGH
Network 		dext5 dext5 handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field. CWE-276
Incorrect Default Permissions  		CVE-2020-13894 2024-11-21 14:02 2020-06-7 Show GitHub Exploit DB Packet Storm
210270 5.4 MEDIUM
Network 		laborator neon The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard. CWE-79
Cross-site Scripting 		CVE-2020-13890 2024-11-21 14:02 2020-06-7 Show GitHub Exploit DB Packet Storm