Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228861 6 警告 TWiki - TWiki におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-1339 2012-12-20 19:10 2009-04-5 Show GitHub Exploit DB Packet Storm
228862 5 警告 サン・マイクロシステムズ - Sun Java System Directory Server および Enterprise Edition の Online Help 機能におけるファイルの一部のコンテンツを取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-1332 2012-12-20 19:10 2009-04-15 Show GitHub Exploit DB Packet Storm
228863 7.5 危険 webfileexplorer - Web File Explorer の body.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1323 2012-12-20 19:10 2009-04-17 Show GitHub Exploit DB Packet Storm
228864 4.3 警告 zazzle - Zazzle Store Builder の include/zstore.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1320 2012-12-20 19:10 2009-04-17 Show GitHub Exploit DB Packet Storm
228865 10 危険 webfileexplorer - Web File Explorer の body.asp における任意のファイルを作成される脆弱性 CWE-noinfo
情報不足 		CVE-2009-1314 2012-12-20 19:10 2009-04-16 Show GitHub Exploit DB Packet Storm
228866 5 警告 Rapid Leech - Rapidleech の upload.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-1089 2012-12-20 19:10 2009-03-25 Show GitHub Exploit DB Packet Storm
228867 9.3 危険 pplive - PPLive の PPLive.exe における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1087 2012-12-20 19:10 2009-03-25 Show GitHub Exploit DB Packet Storm
228868 5 警告 Piwik - Piwik における API 鍵を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1085 2012-12-20 19:10 2009-03-25 Show GitHub Exploit DB Packet Storm
228869 6.4 警告 サン・マイクロシステムズ - Sun Java System IdM における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1084 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
228870 6.9 警告 PulseAudio - PulseAudio の core-util.c における任意のファイルのパーミッションを変更される脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-1299 2012-12-20 19:10 2010-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208181 5.5 MEDIUM
Local 		xen
debian
fedoraproject
opensuse 		xen
debian_linux
fedora
leap 		An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of … NVD-CWE-noinfo
CVE-2020-25601 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208182 5.5 MEDIUM
Local 		xen
fedoraproject
opensuse
debian 		xen
fedora
leap
debian_linux 		An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of us… CWE-787
 Out-of-bounds Write 		CVE-2020-25600 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208183 7.0 HIGH
Local 		xen
fedoraproject
opensuse
debian 		xen
fedora
leap
debian_linux 		An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-7… CWE-119
CWE-362
Incorrect Access of Indexable Resource ('Range Error') 
Race Condition 		CVE-2020-25599 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208184 5.5 MEDIUM
Local 		xen
fedoraproject
opensuse 		xen
fedora
leap 		An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path i… CWE-670
 Always-Incorrect Control Flow Implementation 		CVE-2020-25598 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208185 6.5 MEDIUM
Local 		xen
fedoraproject 		xen
fedora 		An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen ass… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2020-25597 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208186 5.5 MEDIUM
Local 		xen
fedoraproject
debian
opensuse 		xen
fedora
debian_linux
leap 		An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. O… CWE-74
Injection 		CVE-2020-25596 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208187 7.8 HIGH
Local 		xen
fedoraproject
debian
opensuse 		xen
fedora
debian_linux
leap 		An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back f… CWE-269
 Improper Privilege Management 		CVE-2020-25595 2024-11-21 14:18 2020-09-24 Show GitHub Exploit DB Packet Storm
208188 6.1 MEDIUM
Network 		gon_project
debian
canonical 		gon
debian_linux
ubuntu_linux 		An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escape_mode parameter to escape fields as an XSS protection mechanism. To mitigate, json_dumper.rb in go… CWE-79
Cross-site Scripting 		CVE-2020-25739 2024-11-21 14:18 2020-09-23 Show GitHub Exploit DB Packet Storm
208189 7.8 HIGH
Local 		pingidentity pingid_integration_for_windows_login PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-25826 2024-11-21 14:18 2020-09-23 Show GitHub Exploit DB Packet Storm
208190 7.5 HIGH
Network 		peg-markdown_project peg-markdown peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer CWE-476
 NULL Pointer Dereference 		CVE-2020-25821 2024-11-21 14:18 2020-09-23 Show GitHub Exploit DB Packet Storm