Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226981 3.7 注意 レッドハット - Red Hat Enterprise Virtualization Manager における他のユーザのデスクトップセッションへアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4316 2013-01-8 15:31 2012-12-4 Show GitHub Exploit DB Packet Storm
226982 3.3 注意 Centrify - Centrify Suite に同梱されている Centrify Deployment Manager における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2012-6348 2013-01-8 15:25 2013-01-4 Show GitHub Exploit DB Packet Storm
226983 4.3 警告 Digium - 複数の Asterisk 製品におけるサービス運用妨害 (リソース消費) の脆弱性 CWE-119
バッファエラー 		CVE-2012-5977 2013-01-7 18:36 2013-01-2 Show GitHub Exploit DB Packet Storm
226984 7.5 危険 SWI-Prolog - SWI-Prolog の os/pl-glob.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6090 2013-01-7 18:34 2012-12-16 Show GitHub Exploit DB Packet Storm
226985 7.5 危険 SWI-Prolog - SWI-Prolog の os/pl-os.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6089 2013-01-7 18:33 2012-12-16 Show GitHub Exploit DB Packet Storm
226986 5 警告 Digium - 複数の Asterisk 製品におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-5976 2013-01-7 18:23 2013-01-2 Show GitHub Exploit DB Packet Storm
226987 5 警告 Ruby on Rails project - Ruby on Rails 用 Authlogic gem における SQL インジェクションの脆弱性 CWE-200
情報漏えい 		CVE-2012-6497 2013-01-7 18:04 2013-01-4 Show GitHub Exploit DB Packet Storm
226988 4.6 警告 Opera Software ASA - UNIX 上で稼働する Opera における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6472 2013-01-7 16:52 2012-12-18 Show GitHub Exploit DB Packet Storm
226989 5 警告 Opera Software ASA - Opera におけるアドレスフィールドを偽装される脆弱性 CWE-Other
その他 		CVE-2012-6471 2013-01-7 16:52 2012-12-18 Show GitHub Exploit DB Packet Storm
226990 9.3 危険 Opera Software ASA - Opera における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-6470 2013-01-7 16:50 2012-12-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214931 9.8 CRITICAL
Network 		rukovoditel rukovoditel In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution. CWE-22
Path Traversal 		CVE-2020-11819 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214932 8.8 HIGH
Network 		rukovoditel rukovoditel In Rukovoditel 2.5.2 has a form_session_token value to prevent CSRF attacks. This protection mechanism can be bypassed with another user's valid token. Thus, an attacker can change the Admin password… CWE-352
 Origin Validation Error 		CVE-2020-11818 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214933 9.8 CRITICAL
Network 		rukovoditel rukovoditel Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter. CWE-89
SQL Injection 		CVE-2020-11816 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214934 9.8 CRITICAL
Network 		rukovoditel rukovoditel In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific at… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-11815 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214935 5.4 MEDIUM
Network 		qdpm qdpm A Host Header Injection vulnerability in qdPM 9.1 may allow an attacker to spoof a particular header and redirect users to malicious websites. CWE-74
Injection 		CVE-2020-11814 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214936 5.4 MEDIUM
Network 		rukovoditel rukovoditel In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the configuration page via the copyright text input. Thus, an attacker can inject a malicious script to steal all users' valuable data. Th… CWE-79
Cross-site Scripting 		CVE-2020-11813 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214937 9.8 CRITICAL
Network 		rukovoditel rukovoditel Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter. CWE-89
SQL Injection 		CVE-2020-11812 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214938 9.8 CRITICAL
Network 		qdpm qdpm In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbit… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-11811 2024-11-21 13:58 2020-04-17 Show GitHub Exploit DB Packet Storm
214939 6.5 MEDIUM
Network 		broadcom ca_api_developer_portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. NVD-CWE-noinfo
CVE-2020-11660 2024-11-21 13:58 2020-04-16 Show GitHub Exploit DB Packet Storm
214940 4.3 MEDIUM
Network 		broadcom ca_api_developer_portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-11659 2024-11-21 13:58 2020-04-16 Show GitHub Exploit DB Packet Storm