Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 12:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226881 4.3 警告 マイクロソフト - Microsoft .NET Framework の Windows Forms コンポーネントにおける重要な情報を取得される脆弱性 CWE-DesignError
CVE-2013-0001 2013-01-22 09:51 2013-01-8 Show GitHub Exploit DB Packet Storm
226882 9.3 危険 マイクロソフト - Microsoft .NET Framework における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0004 2013-01-22 09:47 2013-01-8 Show GitHub Exploit DB Packet Storm
226883 2.1 注意 OpenStack - OpenStack Keystone の tools/sample_data.sh における Amazon EC2 へのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5483 2013-01-21 17:53 2012-12-26 Show GitHub Exploit DB Packet Storm
226884 5 警告 TWiki
Foswiki		 - TWiki および Foswiki におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6330 2013-01-21 17:50 2012-12-14 Show GitHub Exploit DB Packet Storm
226885 5.5 警告 オラクル - Oracle E-Business Suite の Human Resources におけるセキュリティ・グループの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3218 2013-01-21 16:19 2013-01-15 Show GitHub Exploit DB Packet Storm
226886 4.3 警告 オラクル - 複数の Oracle Enterprise Manager 製品における User Interface Framework の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-5062 2013-01-21 16:16 2013-01-15 Show GitHub Exploit DB Packet Storm
226887 5 警告 オラクル - Oracle Siebel CRM における Highly Interactive Web UI の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1701 2013-01-21 16:13 2013-01-15 Show GitHub Exploit DB Packet Storm
226888 5 警告 オラクル - Oracle Siebel CRM における Siebel Core - Server Infrastructure の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3170 2013-01-21 16:13 2013-01-15 Show GitHub Exploit DB Packet Storm
226889 5 警告 オラクル - Oracle Siebel CRM における Siebel Core - Server Infrastructure の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3169 2013-01-21 16:13 2013-01-15 Show GitHub Exploit DB Packet Storm
226890 4 警告 オラクル - Oracle Siebel CRM における Siebel Apps - Multi-channel Technologies の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1680 2013-01-21 16:13 2013-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214551 8.8 HIGH
Network 		canon oce_colorwave_500_firmware The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a log… CWE-352
 Origin Validation Error 		CVE-2020-10671 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
214552 6.1 MEDIUM
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the l… CWE-79
Cross-site Scripting 		CVE-2020-10670 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
214553 6.1 MEDIUM
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version. CWE-79
Cross-site Scripting 		CVE-2020-10668 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
214554 6.1 MEDIUM
Network 		canon oce_colorwave_500_firmware The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. The vulnerable parameter is map(template_name). N… CWE-79
Cross-site Scripting 		CVE-2020-10667 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
214555 8.8 HIGH
Network 		octopus octopus_deploy In Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to their Octopus server, an authenticated user can leverage a bug to escalate privileges. NVD-CWE-noinfo
CVE-2020-10678 2024-11-21 13:55 2020-03-20 Show GitHub Exploit DB Packet Storm
214556 7.5 HIGH
Network 		jsonparser_project
fedoraproject 		jsonparser
fedora 		The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-10675 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm
214557 7.8 HIGH
Local 		denx
opensuse 		u-boot
leap 		Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default con… CWE-20
 Improper Input Validation  		CVE-2020-10648 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm
214558 9.8 CRITICAL
Network 		perlspeak_project perlspeak PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open. CWE-78
OS Command  		CVE-2020-10674 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm
214559 6.5 MEDIUM
Network 		logicaldoc logicaldoc LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This list could be filtered by modifying some of the parameters. Some of t… CWE-89
SQL Injection 		CVE-2020-10365 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm
214560 8.8 HIGH
Network 		fasterxml
debian
netapp
oracle 		jackson-databind
debian_linux
steelstore_cloud_integrated_storage
retail_xstore_point_of_service
primavera_unifier
retail_service_backbone
weblogic_server
retail_merchandising_sy… 		FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). NVD-CWE-Other
CVE-2020-10673 2024-11-21 13:55 2020-03-19 Show GitHub Exploit DB Packet Storm