Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227851	4.3	警告	tristan barczyk	-	KloNews の cat.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1112	2012-12-20 19:29	2010-03-25	Show	GitHub Exploit DB Packet Storm

227852	7.5	危険	ScriptsFeed.com	-	ScriptsFeed Dating Software の searchmatch.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1096	2012-12-20 19:29	2010-03-24	Show	GitHub Exploit DB Packet Storm

227853	7.5	危険	ScriptsFeed.com	-	ScriptsFeed Business Directory Software の login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1092	2012-12-20 19:29	2010-03-24	Show	GitHub Exploit DB Packet Storm

227854	4.3	警告	tornadostore	-	TornadoStore におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1328	2012-12-20 19:29	2010-07-6	Show	GitHub Exploit DB Packet Storm

227855	7.5	危険	tornadostore	-	TornadoStore における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1327	2012-12-20 19:29	2010-07-6	Show	GitHub Exploit DB Packet Storm

227856	10	危険	リアルネットワークス	-	RealNetworks Helix Server などで使用されている AgentX++ における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1319	2012-12-20 19:29	2010-04-20	Show	GitHub Exploit DB Packet Storm

227857	10	危険	リアルネットワークス	-	RealNetworks Helix Server などで使用されている AgentX++ におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1318	2012-12-20 19:29	2010-04-20	Show	GitHub Exploit DB Packet Storm

227858	7.5	危険	リアルネットワークス	-	RealNetworks Helix Server および Helix Mobile Server の NTLM 認証機能におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1317	2012-12-20 19:29	2010-04-20	Show	GitHub Exploit DB Packet Storm

227859	5	警告	Tembria	-	Tembria Server Monitor におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1316	2012-12-20 19:29	2010-04-14	Show	GitHub Exploit DB Packet Storm

227860	4.3	警告	seber	-	Joomla! 用の Seber Cart コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-1313	2012-12-20 19:29	2010-04-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
208481	8.1	HIGH Network	samba debian fedoraproject redhat canonical	samba debian_linux fedora enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_for_scientific_computing enterprise_linux enterprise_linux_server enterprise_l…	A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.	CWE-20 Improper Input Validation	CVE-2020-25717	2024-11-21 14:18	2022-02-19	Show	GitHub Exploit DB Packet Storm

208482	9.8	CRITICAL Network	mobile_shop_system_project	mobile_shop_system	An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php.	CWE-89 SQL Injection	CVE-2020-25905	2024-11-21 14:18	2022-01-29	Show	GitHub Exploit DB Packet Storm

208483	9.1	CRITICAL Network	getsymphony	symphony	A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).	CWE-611 XXE	CVE-2020-25912	2024-11-21 14:18	2021-11-1	Show	GitHub Exploit DB Packet Storm

208484	9.1	CRITICAL Network	modx	modx_revolution	A XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to an information disclosure or denial of service (DOS).	CWE-611 XXE	CVE-2020-25911	2024-11-21 14:18	2021-11-1	Show	GitHub Exploit DB Packet Storm

208485	5.5	MEDIUM Local	ranko	rkcms	A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vu…	CWE-22 Path Traversal	CVE-2020-25881	2024-11-21 14:18	2021-10-30	Show	GitHub Exploit DB Packet Storm

208486	6.5	MEDIUM Network	baijiacms_project	baijiacms	A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "i…	CWE-22 Path Traversal	CVE-2020-25873	2024-11-21 14:18	2021-10-30	Show	GitHub Exploit DB Packet Storm

208487	4.9	MEDIUM Network	frogcms_project	frogcms	A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.	CWE-22 Path Traversal	CVE-2020-25872	2024-11-21 14:18	2021-10-30	Show	GitHub Exploit DB Packet Storm

208488	7.5	HIGH Network	hcc-embedded	nichestack_ipv4	An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bound…	CWE-125 Out-of-bounds Read	CVE-2020-25767	2024-11-21 14:18	2021-08-19	Show	GitHub Exploit DB Packet Storm

208489	9.8	CRITICAL Network	sapphireims	sapphireims	In SapphireIMS 5.0, it is possible to take over an account by sending a request to the Save_Password form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any…	CWE-306 Missing Authentication for Critical Function	CVE-2020-25566	2024-11-21 14:18	2021-08-12	Show	GitHub Exploit DB Packet Storm

208490	9.8	CRITICAL Network	sapphireims	sapphireims	In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject …	CWE-798 Use of Hard-coded Credentials	CVE-2020-25565	2024-11-21 14:18	2021-08-12	Show	GitHub Exploit DB Packet Storm