Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227881	8.8	危険	softcab	-	SoftCab Sound Converter ActiveX コントロールにおける任意のファイルを作成される脆弱性	CWE-Other その他	CVE-2009-4453	2012-12-20 19:28	2009-12-29	Show	GitHub Exploit DB Packet Storm

227882	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Directory Server Enterprise Edition の DPS におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-4443	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

227883	5	警告	サン・マイクロシステムズ	-	Sun Java System Directory Server Enterprise Edition の DPS におけるサービス運用妨害 (DoS) の脆弱性	CWE-16 環境設定	CVE-2009-4442	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

227884	5	警告	サン・マイクロシステムズ	-	Sun Java System Directory Server Enterprise Edition の DPS におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-4441	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

227885	6.8	警告	サン・マイクロシステムズ	-	Sun Java System Directory Server Enterprise Edition の DPS における認証されたユーザのバックエンドの接続をハイジャックされる脆弱性	CWE-362 競合状態	CVE-2009-4440	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

227886	7.5	危険	VirtueMart	-	VirtueMart の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4430	2012-12-20 19:28	2009-12-28	Show	GitHub Exploit DB Packet Storm

227887	7.5	危険	weentech	-	weenCompany の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4423	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

227888	5	警告	Zend Technologies Ltd.	-	Zend Framework の Zend_Log_Writer_Mail クラスにおける任意の電子メールメッセージを送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4417	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

227889	4.3	警告	phpgroupware	-	phpGroupWare の login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4416	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

227890	7.5	危険	phpgroupware	-	phpGroupWare におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4415	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
208871	5.3	MEDIUM Network	moodle	moodle	In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.	CWE-345 Insufficient Verification of Data Authenticity	CVE-2020-1755	2024-11-21 14:11	2022-08-17	Show	GitHub Exploit DB Packet Storm

208872	4.3	MEDIUM Network	moodle	moodle	In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own grou…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-1754	2024-11-21 14:11	2022-08-6	Show	GitHub Exploit DB Packet Storm

208873	5.4	MEDIUM Network	moodle	moodle	In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.	CWE-79 Cross-site Scripting	CVE-2020-1691	2024-11-21 14:11	2022-08-6	Show	GitHub Exploit DB Packet Storm

208874	6.5	MEDIUM Network	whatsapp	whatsapp	Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.	NVD-CWE-Other	CVE-2020-20096	2024-11-21 14:11	2022-03-24	Show	GitHub Exploit DB Packet Storm

208875	6.5	MEDIUM Network	apple	imessage	iMessage (Messages app) iOS 12.4 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.	NVD-CWE-Other	CVE-2020-20095	2024-11-21 14:11	2022-03-24	Show	GitHub Exploit DB Packet Storm

208876	6.5	MEDIUM Network	facebook	instagram	Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages	NVD-CWE-Other	CVE-2020-20094	2024-11-21 14:11	2022-03-24	Show	GitHub Exploit DB Packet Storm

208877	6.5	MEDIUM Network	facebook	messenger	The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via speciall…	NVD-CWE-Other	CVE-2020-20093	2024-11-21 14:11	2022-03-24	Show	GitHub Exploit DB Packet Storm

208878	5.4	MEDIUM Network	laracms_project	laracms	LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module.	CWE-79 Cross-site Scripting	CVE-2020-20131	2024-11-21 14:11	2021-09-30	Show	GitHub Exploit DB Packet Storm

208879	5.4	MEDIUM Network	laracms_project	laracms	LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor.	CWE-79 Cross-site Scripting	CVE-2020-20129	2024-11-21 14:11	2021-09-30	Show	GitHub Exploit DB Packet Storm

208880	7.5	HIGH Network	laracms_project	laracms	LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-20128	2024-11-21 14:11	2021-09-30	Show	GitHub Exploit DB Packet Storm