Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228231	6.5	警告	wikyblog	-	WikyBlog の index.php/Attach における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-0757	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

228232	5.8	警告	wikyblog	-	WikyBlog におけるセッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2010-0756	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

228233	7.5	危険	wikyblog	-	WikyBlog の include/WBmap.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0755	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

228234	4.3	警告	wikyblog	-	WikyBlog の index.php/Special/Main/Templates におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0754	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

228235	5	警告	rafal wojtczuk	-	dsniff などの製品で使用されている libnids におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0751	2012-12-20 19:28	2010-04-6	Show	GitHub Exploit DB Packet Storm

228236	4.3	警告	ViewVC	-	ViewVC の lib/viewvc.py におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0736	2012-12-20 19:28	2010-02-10	Show	GitHub Exploit DB Packet Storm

228237	7.5	危険	systemsoftware	-	Auktionshaus Gelb の news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0721	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

228238	7.5	危険	systemsoftware	-	Erotik Auktionshaus の news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0720	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

228239	6.8	警告	Zenoss, Inc.	-	Zenoss におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-0713	2012-12-20 19:28	2010-01-15	Show	GitHub Exploit DB Packet Storm

228240	6.5	警告	Zenoss, Inc.	-	Zenoss の zport/dmd/Events/getJSONEventsInfo における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0712	2012-12-20 19:28	2010-01-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202901	5.6	MEDIUM Network	libslirp_project debian opensuse qemu	libslirp debian_linux leap qemu	tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds a…	CWE-787 Out-of-bounds Write	CVE-2020-7039	2024-11-21 14:36	2020-01-17	Show	GitHub Exploit DB Packet Storm

202902	9.1	CRITICAL Network	webfactoryltd	wp_database_reset	The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state (deleting all site …	CWE-306 Missing Authentication for Critical Function	CVE-2020-7048	2024-11-21 14:36	2020-01-17	Show	GitHub Exploit DB Packet Storm

202903	8.8	HIGH Network	webfactoryltd	wp_database_reset	The WordPress plugin, WP Database Reset through 3.1, contains a flaw that gave any authenticated user, with minimal permissions, the ability (with a simple wp-admin/admin.php?db-reset-tables[]=users …	CWE-269 Improper Privilege Management	CVE-2020-7047	2024-11-21 14:36	2020-01-17	Show	GitHub Exploit DB Packet Storm

202904	5.4	MEDIUM Network	learndash	learndash	The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field.	CWE-79 Cross-site Scripting	CVE-2020-7108	2024-11-21 14:36	2020-01-16	Show	GitHub Exploit DB Packet Storm

202905	6.1	MEDIUM Network	etoilewebdesign	ultimate_faq	The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php.	CWE-79 Cross-site Scripting	CVE-2020-7107	2024-11-21 14:36	2020-01-16	Show	GitHub Exploit DB Packet Storm

202906	6.1	MEDIUM Network	cacti debian opensuse suse fedoraproject	cacti debian_linux leap backports_sle package_hub fedora extra_packages_for_enterprise_linux	Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the descrip…	CWE-79 Cross-site Scripting	CVE-2020-7106	2024-11-21 14:36	2020-01-16	Show	GitHub Exploit DB Packet Storm

202907	7.5	HIGH Network	redislabs debian fedoraproject	hiredis debian_linux fedora	async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.	CWE-476 NULL Pointer Dereference	CVE-2020-7105	2024-11-21 14:36	2020-01-16	Show	GitHub Exploit DB Packet Storm

202908	6.5	MEDIUM Adjacent	wireshark debian	wireshark debian_linux	In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.	CWE-476 NULL Pointer Dereference	CVE-2020-7045	2024-11-21 14:36	2020-01-16	Show	GitHub Exploit DB Packet Storm

202909	7.5	HIGH Network	wireshark fedoraproject opensuse oracle	wireshark fedora leap solaris zfs_storage_appliance_kit	In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.	CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error	CVE-2020-7044	2024-11-21 14:36	2020-01-16	Show	GitHub Exploit DB Packet Storm

202910	8.8	HIGH Network	cacti	cacti	data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -> Data Input Methods -> Unix -> Ping Host. NOTE: the vendor has stated "This is a false alarm.	CWE-20 Improper Input Validation	CVE-2020-7058	2024-11-21 14:36	2020-01-15	Show	GitHub Exploit DB Packet Storm