Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228071	7.5	危険	webmobo	-	WB News における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2009-4927	2012-12-20 19:28	2010-07-12	Show	GitHub Exploit DB Packet Storm

228072	6.8	警告	UnrealIRCd	-	UnrealIRCd におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4893	2012-12-20 19:28	2010-06-15	Show	GitHub Exploit DB Packet Storm

228073	7.5	危険	webjump	-	Content Management System WEBjump! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4892	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

228074	4.3	警告	retrieve	-	vBook のログインアプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4890	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

228075	6.8	警告	sbuilder	-	CMS S.Builder の index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4887	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

228076	7.5	危険	todd rogers	-	PHPRecipeBook の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4883	2012-12-20 19:28	2010-06-11	Show	GitHub Exploit DB Packet Storm

228077	4.3	警告	zonecheck	-	ZoneCheck の zc/publisher/html.rb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4882	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

228078	6.8	警告	plain black	-	WebGUI におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4877	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

228079	6.4	警告	scripts.oldguy	-	TalkBack におけるコメントを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4874	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

228080	10	危険	rhinosoft	-	Rhino Software Serv-U Web Client の HTTP サーバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4873	2012-12-20 19:28	2010-05-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202531	8.8	HIGH Network	google opensuse fedoraproject redhat debian	chrome leap backports_sle fedora enterprise_linux_desktop enterprise_linux_workstation debian_linux	Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-416 Use After Free	CVE-2020-6377	2024-11-21 14:35	2020-01-11	Show	GitHub Exploit DB Packet Storm

202532	7.5	HIGH Network	sap	netweaver_internet_communication_manager_\(kernel\) netweaver_internet_communication_manager_\(krnl32nuc\) netweaver_internet_communication_manager_\(krnl32uc\) netweaver_internet_communicat…	Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT KRNL64NUC & KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49…	CWE-20 Improper Input Validation	CVE-2020-6304	2024-11-21 14:35	2020-01-15	Show	GitHub Exploit DB Packet Storm

202533	9.1	CRITICAL Network	bftpd_project	bftpd	An issue was discovered in Bftpd 5.3. Under certain circumstances, an out-of-bounds read is triggered due to an uninitialized value. The daemon crashes at startup in the hidegroups_init function in d…	CWE-125 Out-of-bounds Read	CVE-2020-6162	2024-11-21 14:35	2020-01-11	Show	GitHub Exploit DB Packet Storm

202534	7.6	HIGH Network	webfactoryltd	minimal_coming_soon_\&_maintenance_mode	A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availa…	CWE-862 Missing Authorization	CVE-2020-6168	2024-11-21 14:35	2020-01-10	Show	GitHub Exploit DB Packet Storm

202535	5.4	MEDIUM Network	webfactoryltd	minimal_coming_soon_\&_maintenance_mode	A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenticated users with basic access to export settings and change maintenance-mode themes.	CWE-276 Incorrect Default Permissions	CVE-2020-6166	2024-11-21 14:35	2020-01-10	Show	GitHub Exploit DB Packet Storm

202536	8.8	HIGH Network	webfactoryltd	minimal_coming_soon_\&_maintenance_mode	A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote …	CWE-352 Origin Validation Error	CVE-2020-6167	2024-11-21 14:35	2020-01-10	Show	GitHub Exploit DB Packet Storm

202537	9.8	CRITICAL Network	genexis	platinum-4410_firmware	An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI.	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2020-6170	2024-11-21 14:35	2020-01-8	Show	GitHub Exploit DB Packet Storm

202538	6.1	MEDIUM Network	mediawiki	mediawiki	The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template (in the templates/search/PropertySuggestionsWidget.must…	CWE-79 Cross-site Scripting	CVE-2020-6163	2024-11-21 14:35	2020-01-8	Show	GitHub Exploit DB Packet Storm

202539	7.5	HIGH Local	insyde siemens	insydeh2o ruggedcom_ape1808_firmware simatic_field_pg_m6_firmware simatic_ipc127e_firmware simatic_ipc227g_firmware simatic_ipc277g_firmware simatic_itp1000_firmware simatic_ipc4…	A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariab…	NVD-CWE-noinfo	CVE-2020-5953	2024-11-21 14:34	2022-02-3	Show	GitHub Exploit DB Packet Storm

202540	7.5	HIGH Network	insyde	insydeh2o	An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untruste…	CWE-20 Improper Input Validation	CVE-2020-5956	2024-11-21 14:34	2022-01-6	Show	GitHub Exploit DB Packet Storm