Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227111 4.3 警告 tomaz-muraus - Tomaz Muraus Open Blog の application/modules/admin/controllers/users.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3026 2012-12-20 19:29 2010-08-16 Show GitHub Exploit DB Packet Storm
227112 4.3 警告 tomaz-muraus - Tomaz Muraus Open Blog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3025 2012-12-20 19:29 2010-08-16 Show GitHub Exploit DB Packet Storm
227113 7.5 危険 Pligg - Pligg の groupadmin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3013 2012-12-20 19:29 2010-08-11 Show GitHub Exploit DB Packet Storm
227114 10 危険 Wireshark - Wireshark の ASN.1 BER 解析子におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2994 2012-12-20 19:29 2010-08-13 Show GitHub Exploit DB Packet Storm
227115 5 警告 Wireshark - Wireshark の IPMI 解析子におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2993 2012-12-20 19:29 2010-08-13 Show GitHub Exploit DB Packet Storm
227116 7.5 危険 rightinpoint - RightInPoint Lyrics Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2721 2012-12-20 19:29 2010-07-13 Show GitHub Exploit DB Packet Storm
227117 7.5 危険 rich kavanagh - PsNews における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2716 2012-12-20 19:29 2010-07-13 Show GitHub Exploit DB Packet Storm
227118 4.3 警告 tcwonline - TCW PHP Album の photos/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2715 2012-12-20 19:29 2010-07-13 Show GitHub Exploit DB Packet Storm
227119 7.5 危険 tcwonline - TCW PHP Album の photos/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2714 2012-12-20 19:29 2010-07-13 Show GitHub Exploit DB Packet Storm
227120 3.5 注意 sijio - Sijio Community Software におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2698 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214831 5.4 MEDIUM
Adjacent 		bluetooth
opensuse 		bluetooth_core
leap 		Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing crede… CWE-290
 Authentication Bypass by Spoofing 		CVE-2020-10135 2024-11-21 13:54 2020-05-20 Show GitHub Exploit DB Packet Storm
214832 6.3 MEDIUM
Adjacent 		bluetooth bluetooth_core Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates differen… CWE-436
 Interpretation Conflict 		CVE-2020-10134 2024-11-21 13:54 2020-05-20 Show GitHub Exploit DB Packet Storm
214833 8.8 HIGH
Network 		powerdns recursor An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memor… CWE-125
Out-of-bounds Read 		CVE-2020-10030 2024-11-21 13:54 2020-05-20 Show GitHub Exploit DB Packet Storm
214834 7.8 HIGH
Local 		zephyrproject zephyr A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from d… CWE-190
 Integer Overflow or Wraparound 		CVE-2020-10067 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm
214835 6.5 MEDIUM
Network 		zephyrproject zephyr In updatehub_probe, right after JSON parsing is complete, objects\[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would re… CWE-824
 Access of Uninitialized Pointer 		CVE-2020-10060 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm
214836 4.8 MEDIUM
Network 		zephyrproject zephyr The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using D… CWE-295
Improper Certificate Validation  		CVE-2020-10059 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm
214837 7.8 HIGH
Local 		zephyrproject zephyr Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: ze… CWE-20
 Improper Input Validation  		CVE-2020-10058 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm
214838 7.8 HIGH
Local 		zephyrproject zephyr Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. CWE-20
 Improper Input Validation  		CVE-2020-10028 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm
214839 7.8 HIGH
Local 		zephyrproject zephyr An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and … CWE-697
 Incorrect Comparison 		CVE-2020-10027 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm
214840 7.8 HIGH
Local 		zephyrproject zephyr The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to … CWE-697
 Incorrect Comparison 		CVE-2020-10024 2024-11-21 13:54 2020-05-12 Show GitHub Exploit DB Packet Storm