Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228301	9.3	危険	wikipedia	-	Firefox の Wikipedia Toolbar エクステンションにおける Chrome 権限を伴う任意の JavaScript を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-4127	2012-12-20 19:28	2009-12-2	Show	GitHub Exploit DB Packet Storm

228302	10	危険	Ruby-lang.org	-	Ruby の string.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4124	2012-12-20 19:28	2009-12-11	Show	GitHub Exploit DB Packet Storm

228303	3.5	注意	TYPSoft	-	TYPSoft FTP Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-4105	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228304	9.3	危険	robo-ftp	-	Robo-FTP におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4103	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228305	9.3	危険	Yoono	-	Firefox 用の Yoono における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-4100	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228306	7.5	危険	scriptlerim	-	RADIO istek scripti におけるユーザの資格情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-4096	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228307	4.3	警告	simplog	-	Simplog の comments.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4093	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228308	6.8	警告	simplog	-	Simplog の user.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4092	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228309	5	警告	simplog	-	Simplog の comments.php におけるコメントを編集される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4091	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

228310	7.5	危険	telepark	-	telepark.wiki の ajax/addComment.php における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-4090	2012-12-20 19:28	2009-11-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
207991	7.5	HIGH Network	apereo	central_authentication_service	Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.	NVD-CWE-noinfo	CVE-2020-27178	2024-11-21 14:20	2020-10-17	Show	GitHub Exploit DB Packet Storm

207992	5.4	MEDIUM Network	testimonial_rotator_project	testimonial_rotator	Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php. If a user intercepts a request and inserts a payload in "cite" parameter, the payload will …	CWE-79 Cross-site Scripting	CVE-2020-26672	2024-11-21 14:20	2020-10-17	Show	GitHub Exploit DB Packet Storm

207993	9.8	CRITICAL Network	aptean	product_configurator	An issue was discovered in Aptean Product Configurator 4.61.0000 on Windows. A Time based SQL injection affects the nameTxt parameter on the main login page (aka cse?cmd=LOGIN). This can be exploited…	CWE-89 SQL Injection	CVE-2020-26944	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

207994	8.8	HIGH Network	libass_project	libass	In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.	CWE-190 Integer Overflow or Wraparound	CVE-2020-26682	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

207995	7.8	HIGH Local	clamxav	clamxav	An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper to…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2020-26893	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

207996	9.9	CRITICAL Network	openstack	blazar-dashboard	An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboard in Horizon may trigger code execution on the Horizon host as the us…	NVD-CWE-noinfo	CVE-2020-26943	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

207997	9.6	CRITICAL Network	marktext	marktext	Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplicate of CVE-2020-26870; however, it can also be considered an issue in the d…	CWE-79 Cross-site Scripting	CVE-2020-27176	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

207998	7.5	HIGH Network	amazon	firecracker	In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memo…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2020-27174	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

207999	7.5	HIGH Network	vm-superio_project	vm-superio	In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). This behavior cannot be reproduced from the guest …	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2020-27173	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm

208000	6.1	MEDIUM Network	phpredisadmin_project	phpredisadmin	phpRedisAdmin before 1.13.2 allows XSS via the login.php username parameter.	CWE-79 Cross-site Scripting	CVE-2020-27163	2024-11-21 14:20	2020-10-16	Show	GitHub Exploit DB Packet Storm