Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228351 8.5 危険 (複数のベンダ) - HP/H3C 製および Huawei 製ネットワーク機器にアクセス制限不備の脆弱性 CWE-200
情報漏えい 		CVE-2012-3268 2013-02-8 15:02 2012-10-25 Show GitHub Exploit DB Packet Storm
228352 2.6 注意 サイボウズ - サイボウズ ガルーンにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0702 2013-02-8 12:01 2013-02-8 Show GitHub Exploit DB Packet Storm
228353 6.5 警告 サイボウズ - サイボウズ ガルーンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-0701 2013-02-8 12:01 2013-02-8 Show GitHub Exploit DB Packet Storm
228354 4.3 警告 Tobias Bathge - WordPress 用 WP-Table Reloaded モジュール におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1463 2013-02-8 11:19 2013-01-27 Show GitHub Exploit DB Packet Storm
228355 6.8 警告 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-3684 2013-02-7 17:53 2012-09-13 Show GitHub Exploit DB Packet Storm
228356 10 危険 シスコシステムズ - Cisco Unified IP Phone 7900 シリーズにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-5445 2013-02-7 17:40 2012-12-28 Show GitHub Exploit DB Packet Storm
228357 10 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0770 2013-02-7 17:40 2013-01-8 Show GitHub Exploit DB Packet Storm
228358 6.8 警告 アップル - Apple iOS の ImageIO におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-3726 2013-02-7 17:27 2012-09-20 Show GitHub Exploit DB Packet Storm
228359 3.3 注意 アップル - Apple iOS の DHCP コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-3725 2013-02-7 17:20 2012-09-20 Show GitHub Exploit DB Packet Storm
228360 6.8 警告 アップル - 複数の Apple 製品で使用される CoreMedia におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-3722 2013-02-7 17:11 2012-09-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
207371 7.5 HIGH
Network 		fasterxml
oracle
debian
netapp 		jackson-databind
weblogic_server
commerce_platform
utilities_framework
peoplesoft_enterprise_peopletools
primavera_unifier
sd-wan_edge
coherence
global_lifecycle_management_ne… 		jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. CWE-787
 Out-of-bounds Write 		CVE-2020-36518 2024-11-21 14:29 2022-03-11 Show GitHub Exploit DB Packet Storm
207372 7.5 HIGH
Network 		home-assistant home-assistant An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS r… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-36517 2024-11-21 14:29 2022-03-11 Show GitHub Exploit DB Packet Storm
207373 6.1 MEDIUM
Network 		codetipi 15zine The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting - CVE-2020-36510 2024-11-21 14:29 2022-02-28 Show GitHub Exploit DB Packet Storm
207374 5.9 MEDIUM
Network 		linux
netapp 		linux_kernel
solidfire_\&_hci_management_node
cloud_volumes_ontap_mediator
solidfire\
_enterprise_sds_\&_hci_storage_node
e-series_santricity_os_controller
h300s_firmware 		An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-36516 2024-11-21 14:29 2022-02-26 Show GitHub Exploit DB Packet Storm
207375 9.8 CRITICAL
Network 		acc_reader_project acc_reader An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations. CWE-908
 Use of Uninitialized Resource 		CVE-2020-36514 2024-11-21 14:29 2021-12-27 Show GitHub Exploit DB Packet Storm
207376 9.8 CRITICAL
Network 		acc_reader_project acc_reader An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations. CWE-908
 Use of Uninitialized Resource 		CVE-2020-36513 2024-11-21 14:29 2021-12-27 Show GitHub Exploit DB Packet Storm
207377 9.8 CRITICAL
Network 		buffoon_project buffoon An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations. CWE-908
 Use of Uninitialized Resource 		CVE-2020-36512 2024-11-21 14:29 2021-12-27 Show GitHub Exploit DB Packet Storm
207378 7.5 HIGH
Network 		bite_project bite An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::read_framed_max may read from uninitialized memory locations. CWE-908
 Use of Uninitialized Resource 		CVE-2020-36511 2024-11-21 14:29 2021-12-27 Show GitHub Exploit DB Packet Storm
207379 6.5 MEDIUM
Network 		delete_all_comments_easily_project delete_all_comments_easily The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all … - CVE-2020-36505 2024-11-21 14:29 2021-11-1 Show GitHub Exploit DB Packet Storm
207380 6.5 MEDIUM
Network 		wp-pro-quiz_project wp-pro-quiz The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check in place when deleting a quiz, which could allow an attacker to make a logged in admin delete arbitrary quiz on the blog - CVE-2020-36504 2024-11-21 14:29 2021-11-1 Show GitHub Exploit DB Packet Storm