Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229011	7.5	危険	phpscripte24	-	Multi Auktions Komplett System の auktion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1270	2012-12-20 19:29	2010-04-6	Show	GitHub Exploit DB Packet Storm

229012	7.5	危険	phpscripte24	-	phpscripte24 Niedrig Gebote Pro Auktions System II の auktion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1269	2012-12-20 19:29	2010-04-6	Show	GitHub Exploit DB Packet Storm

229013	6.8	警告	stafford.uklinux	-	libESMTP の smtp-tls.c における信頼済み証明書を偽装される脆弱性	CWE-310 暗号の問題	CVE-2010-1194	2012-12-20 19:29	2010-03-31	Show	GitHub Exploit DB Packet Storm

229014	6.8	警告	stafford.uklinux	-	libESMTP における任意の SSL サーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2010-1192	2012-12-20 19:29	2010-03-31	Show	GitHub Exploit DB Packet Storm

229015	6.4	警告	sahanafoundation	-	Sahana 災害管理システムにおけるアクセス制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-1191	2012-12-20 19:29	2010-03-31	Show	GitHub Exploit DB Packet Storm

229016	10	危険	SAP	-	SAP MaxDB の serv.exe におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1185	2012-12-20 19:29	2010-03-29	Show	GitHub Exploit DB Packet Storm

229017	3.3	注意	サン・マイクロシステムズ	-	Oracle Solaris の特定の patch-installation スクリプトにおける任意のファイルへのデータを追加される脆弱性	CWE-59 リンク解釈の問題	CVE-2010-1183	2012-12-20 19:29	2010-03-29	Show	GitHub Exploit DB Packet Storm

229018	4.3	警告	phpmysite	-	phpMySite の contact.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1091	2012-12-20 19:29	2010-03-24	Show	GitHub Exploit DB Packet Storm

229019	7.5	危険	phpmysite	-	phpMySite の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1090	2012-12-20 19:29	2010-03-24	Show	GitHub Exploit DB Packet Storm

229020	7.5	危険	phptroubleticket	-	PHP Trouble Ticket の vedi_faq.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1089	2012-12-20 19:29	2010-03-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209411	5.4	MEDIUM Network	online_examination_system_project	online_examination_system	Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the subject or feedback parameter to feedback.php.	CWE-79 Cross-site Scripting	CVE-2020-29259	2024-11-21 14:23	2020-12-10	Show	GitHub Exploit DB Packet Storm

209412	6.1	MEDIUM Network	online_examination_system_project	online_examination_system	Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php.	CWE-79 Cross-site Scripting	CVE-2020-29258	2024-11-21 14:23	2020-12-10	Show	GitHub Exploit DB Packet Storm

209413	6.1	MEDIUM Network	online_examination_system_project	online_examination_system	Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php.	CWE-79 Cross-site Scripting	CVE-2020-29257	2024-11-21 14:23	2020-12-10	Show	GitHub Exploit DB Packet Storm

209414	7.5	HIGH Network	plummac	ik-401_firmware	An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credenti…	CWE-306 Missing Authentication for Critical Function	CVE-2020-28946	2024-11-21 14:23	2020-12-9	Show	GitHub Exploit DB Packet Storm

209415	5.5	MEDIUM Local	nlnetlabs debian	unbound name_server_daemon debian_linux	NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing …	CWE-59 Link Following	CVE-2020-28935	2024-11-21 14:23	2020-12-8	Show	GitHub Exploit DB Packet Storm

209416	6.1	MEDIUM Network	seeddms	seeddms	Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.	CWE-79 Cross-site Scripting	CVE-2020-28727	2024-11-21 14:23	2020-12-7	Show	GitHub Exploit DB Packet Storm

209417	7.8	HIGH Local	kaspersky	anti-ransomware_tool	The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.	CWE-427 Uncontrolled Search Path Element	CVE-2020-28950	2024-11-21 14:23	2020-12-5	Show	GitHub Exploit DB Packet Storm

209418	5.5	MEDIUM Local	qemu debian	qemu debian_linux	hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-28916	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

209419	2.7	LOW Network	lightbend	play_framework	An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior …	NVD-CWE-Other	CVE-2020-28923	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

209420	7.2	HIGH Network	openclinic_project	openclinic	OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-28939	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed