Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228481	7.5	危険	Zenphoto	-	Zenphoto の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4566	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228482	6.8	警告	Zenphoto	-	Zenphoto の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4564	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228483	4.3	警告	Zenphoto	-	Zenphoto の zp-core/admin-options.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4563	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228484	4.3	警告	Zenphoto	-	Zenphoto の zp-core/admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4562	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228485	6.8	警告	worms-league	-	WebLeague の Admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4561	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228486	7.5	危険	worms-league	-	WebLeague の profile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4560	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228487	7.2	危険	クイックヒール・テクノロジーズ・ジャパン株式会社	-	Quick Heal AntiVirus Plus 2009 などにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4556	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228488	5	警告	rjvmedia	-	iRehearse におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4553	2012-12-20 19:28	2010-01-4	Show	GitHub Exploit DB Packet Storm

228489	7.5	危険	Secure Ideas	-	BASE の base_local_rules.php における任意のフォーカルファイルをインクルードされる脆弱性	CWE-noinfo 情報不足	CVE-2009-4592	2012-12-20 19:28	2009-10-4	Show	GitHub Exploit DB Packet Storm

228490	7.5	危険	Secure Ideas	-	BASE における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4591	2012-12-20 19:28	2009-10-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
216201	5.5	MEDIUM Local	oppo	reno3_pro_firmware find_x2_pro_firmware	In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerabil…	CWE-787 Out-of-bounds Write	CVE-2020-11834	2024-11-21 13:58	2021-01-1	Show	GitHub Exploit DB Packet Storm

216202	5.5	MEDIUM Local	oppo	reno3_pro_firmware find_x2_pro_firmware	In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerabilit…	CWE-787 Out-of-bounds Write	CVE-2020-11833	2024-11-21 13:58	2021-01-1	Show	GitHub Exploit DB Packet Storm

216203	5.5	MEDIUM Local	oppo	reno3_pro_firmware find_x2_pro_firmware	In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerabili…	CWE-787 Out-of-bounds Write	CVE-2020-11832	2024-11-21 13:58	2021-01-1	Show	GitHub Exploit DB Packet Storm

216204	3.8	LOW Local	qemu	qemu	iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.	CWE-125 Out-of-bounds Read	CVE-2020-11947	2024-11-21 13:58	2020-12-31	Show	GitHub Exploit DB Packet Storm

216205	7.5	HIGH Network	bilanc	bilanc	An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key.	CWE-798 Use of Hard-coded Credentials	CVE-2020-11719	2024-11-21 13:58	2020-12-24	Show	GitHub Exploit DB Packet Storm

216206	9.8	CRITICAL Network	bilanc	bilanc	An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and passwor…	CWE-798 Use of Hard-coded Credentials	CVE-2020-11720	2024-11-21 13:58	2020-12-24	Show	GitHub Exploit DB Packet Storm

216207	7.4	HIGH Network	bilanc	bilanc	An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-11718	2024-11-21 13:58	2020-12-24	Show	GitHub Exploit DB Packet Storm

216208	9.8	CRITICAL Network	bilanc	bilanc	An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities.	CWE-89 SQL Injection	CVE-2020-11717	2024-11-21 13:58	2020-12-22	Show	GitHub Exploit DB Packet Storm

216209	3.3	LOW Local	audacityteam fedoraproject	audacity fedora	Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and…	CWE-276 Incorrect Default Permissions	CVE-2020-11867	2024-11-21 13:58	2020-12-1	Show	GitHub Exploit DB Packet Storm

216210	9.8	CRITICAL Network	oppo	ovoicemanager	OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-11831	2024-11-21 13:58	2020-11-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed