Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228541 4.9 警告 Linux - Linux Kernel と一緒に配布される hypervkvpd におけるサービス運用妨害 (Daemon Exit) の脆弱性 CWE-noinfo
情報不足 		CVE-2012-5532 2012-12-28 11:44 2012-12-22 Show GitHub Exploit DB Packet Storm
228542 5 警告 シトリックス・システムズ - Citrix XenDesktop Virtual Desktop Agent における USB デバイスへのアクセス権を保持される脆弱性 CWE-noinfo
情報不足 		CVE-2012-6314 2012-12-28 11:20 2012-12-11 Show GitHub Exploit DB Packet Storm
228543 9.3 危険 シトリックス・システムズ - Citrix XenApp の XML Service インターフェースにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-5161 2012-12-28 11:08 2012-12-11 Show GitHub Exploit DB Packet Storm
228544 10 危険 CA Technologies - CA IdentityMinder におけるアクセス制限を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2012-6299 2012-12-28 10:58 2012-12-20 Show GitHub Exploit DB Packet Storm
228545 10 危険 CA Technologies - CA IdentityMinder における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-6298 2012-12-28 10:57 2012-12-20 Show GitHub Exploit DB Packet Storm
228546 5 警告 DELL EMC (旧 EMC Corporation) - EMC Data Protection Advisor におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-4616 2012-12-28 10:40 2012-12-26 Show GitHub Exploit DB Packet Storm
228547 7.2 危険 IBM - IBM z/OS 上で稼働する Tivoli NetView における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5951 2012-12-28 10:38 2012-12-21 Show GitHub Exploit DB Packet Storm
228548 4.3 警告 CA Technologies - CA SiteMinder にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4054 2012-12-27 16:36 2011-12-8 Show GitHub Exploit DB Packet Storm
228549 10 危険 NetIQ - NetIQ eDirectory の Novell NCP の実装におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0432 2012-12-27 14:20 2012-12-26 Show GitHub Exploit DB Packet Storm
228550 6.4 警告 NetIQ - Windows 上で稼働する NetIQ eDirectory における認証チェックを回避される脆弱性 CWE-noinfo
情報不足 		CVE-2012-0430 2012-12-27 14:20 2012-12-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
207531 6.1 MEDIUM
Network 		uncannyowl uncanny_groups_for_learndash Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgm_code_redeem PO… CWE-79
Cross-site Scripting 		CVE-2020-35650 2024-11-21 14:27 2020-12-24 Show GitHub Exploit DB Packet Storm
207532 7.5 HIGH
Network 		mersive solstice_firmware In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is dir… NVD-CWE-noinfo
CVE-2020-35587 2024-11-21 14:27 2020-12-24 Show GitHub Exploit DB Packet Storm
207533 7.5 HIGH
Network 		mersive solstice_pod_firmware In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there i… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2020-35586 2024-11-21 14:27 2020-12-24 Show GitHub Exploit DB Packet Storm
207534 7.5 HIGH
Network 		mersive solstice_pod_firmware In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2020-35585 2024-11-21 14:27 2020-12-24 Show GitHub Exploit DB Packet Storm
207535 5.9 MEDIUM
Network 		mersive solstice_pod_firmware In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. An attacker suitably positioned to view a legitimate user's ne… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-35584 2024-11-21 14:27 2020-12-24 Show GitHub Exploit DB Packet Storm
207536 5.3 MEDIUM
Network 		titanhq spamtitan SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. CWE-552
CWE-312
 Files or Directories Accessible to External Parties
 Cleartext Storage of Sensitive Information 		CVE-2020-35658 2024-11-21 14:27 2020-12-23 Show GitHub Exploit DB Packet Storm
207537 7.2 HIGH
Network 		jaws_project jaws Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-35657 2024-11-21 14:27 2020-12-23 Show GitHub Exploit DB Packet Storm
207538 7.2 HIGH
Network 		jaws_project jaws Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser and admin.php?reqGad… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-35656 2024-11-21 14:27 2020-12-23 Show GitHub Exploit DB Packet Storm
207539 5.5 MEDIUM
Local 		microsoft azure_sphere A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacke… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-35609 2024-11-21 14:27 2020-12-23 Show GitHub Exploit DB Packet Storm
207540 7.8 HIGH
Local 		microsoft azure_sphere A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an … CWE-74
Injection 		CVE-2020-35608 2024-11-21 14:27 2020-12-23 Show GitHub Exploit DB Packet Storm