Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228101 7.5 危険 SUSE - SUSE Linux 上で稼動する yast2-ldap-server の YaST2 LDAP モジュールにおけるネットワークサービスをアクセスされる脆弱性 CWE-16
環境設定 		CVE-2009-1648 2012-12-20 19:10 2009-07-3 Show GitHub Exploit DB Packet Storm
228102 9.3 危険 ultrafunk - Ultrafunk Popcorn の popcorn.exe におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1647 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
228103 9.3 危険 sorinara - Sorinara Streaming Audio Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1644 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
228104 9.3 危険 sorinara - Sorinara Soritong MP3 Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1643 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
228105 7.5 危険 t-dreams - Techno Dreams Job Career Package における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1638 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
228106 6.4 警告 simplecustomer - Simple Customer の profile.php における admin 電子メールアドレスなどを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1637 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
228107 10 危険 Unisys - Windows 上で稼動している Unisys BIS におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1628 2012-12-20 19:10 2009-06-26 Show GitHub Exploit DB Packet Storm
228108 9.3 危険 sdp multimedia - SDP Downloader におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1627 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
228109 7.5 危険 will kraft - EZ-Blog の public/specific.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1626 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
228110 7.5 危険 teraway - Teraway FileStream における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1619 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201931 7.5 HIGH
Network 		vareille tinyfiledialogs tinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data. NVD-CWE-noinfo
CVE-2020-36767 2024-11-21 14:30 2023-10-31 Show GitHub Exploit DB Packet Storm
201932 5.4 MEDIUM
Network 		duxcms_project duxcms Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post. CWE-79
Cross-site Scripting 		CVE-2020-36763 2024-11-21 14:30 2023-08-1 Show GitHub Exploit DB Packet Storm
201933 9.8 CRITICAL
Network 		ons ras_collection_instrument A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The … - CVE-2020-36762 2024-11-21 14:30 2023-07-19 Show GitHub Exploit DB Packet Storm
201934 7.8 HIGH
Local 		hitachi compute_systems_manager
device_manager
replication_manager
tiered_storage_manager
tuning_manager 		Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitach… CWE-276
Incorrect Default Permissions  		CVE-2020-36695 2024-11-21 14:30 2023-07-18 Show GitHub Exploit DB Packet Storm
201935 5.3 MEDIUM
Network 		crypto-js_project crypto-js The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary. CWE-330
 Use of Insufficiently Random Values 		CVE-2020-36732 2024-11-21 14:30 2023-06-12 Show GitHub Exploit DB Packet Storm
201936 6.7 MEDIUM
Local 		linux linux_kernel An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurren… CWE-416
 Use After Free 		CVE-2020-36694 2024-11-21 14:30 2023-05-22 Show GitHub Exploit DB Packet Storm
201937 5.4 MEDIUM
Network 		sophos web_appliance A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that mus… CWE-79
Cross-site Scripting 		CVE-2020-36692 2024-11-21 14:30 2023-04-4 Show GitHub Exploit DB Packet Storm
201938 8.8 HIGH
Network 		e-plugins wp_membership
fitness_trainer
hotel_directory
hospital_\&_doctor_directory
lawyer_directory
institutions_directory
real_estate_pro
final_user
directory_pro
photographer… 		The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress … NVD-CWE-noinfo
CVE-2020-36666 2024-11-21 14:30 2023-03-28 Show GitHub Exploit DB Packet Storm
201939 5.5 MEDIUM
Local 		linux linux_kernel An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference. CWE-674
 Uncontrolled Recursion 		CVE-2020-36691 2024-11-21 14:30 2023-03-25 Show GitHub Exploit DB Packet Storm
201940 6.1 MEDIUM
Network 		seotool_project seotool A vulnerability was found in Artesãos SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value … CWE-601
Open Redirect 		CVE-2020-36665 2024-11-21 14:30 2023-03-5 Show GitHub Exploit DB Packet Storm