Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231281 5 警告 サン・マイクロシステムズ - Sun Java System IdM における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2009-1074 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
231282 9.3 危険 randomsoftware - Icarus におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1071 2012-12-20 19:10 2009-03-26 Show GitHub Exploit DB Packet Storm
231283 9.3 危険 powerzip - Trident PowerZip におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1059 2012-12-20 19:10 2009-03-24 Show GitHub Exploit DB Packet Storm
231284 10 危険 zipgenius - ZipGenius におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1058 2012-12-20 19:10 2009-03-24 Show GitHub Exploit DB Packet Storm
231285 4 警告 Sitecore - Sitecore CMS の Web サービスにおけるセキュリティデータベースへのアクセス権を取得される脆弱性 CWE-Other
その他 		CVE-2009-1055 2012-12-20 19:10 2009-03-24 Show GitHub Exploit DB Packet Storm
231286 10 危険 snom - snom VoIP phones snom 300 などの Web インターフェースにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1048 2012-12-20 19:10 2009-08-14 Show GitHub Exploit DB Packet Storm
231287 9.3 危険 winasm - WinAsm Studio におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1040 2012-12-20 19:10 2009-03-20 Show GitHub Exploit DB Packet Storm
231288 6.5 警告 yap - YAP Blog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1038 2012-12-20 19:10 2009-03-20 Show GitHub Exploit DB Packet Storm
231289 7.5 危険 YABSoft - YABSoft AIH Script の gallery_list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1032 2012-12-20 19:10 2009-03-20 Show GitHub Exploit DB Packet Storm
231290 7.8 危険 Rhino Software - Rhino Software Serv-U File Server の FTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-1031 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209331 9.8 CRITICAL
Network 		hgiga msr45_isherlock-user
ssr45_isherlock-user 		HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system. CWE-78
OS Command  		CVE-2020-35851 2024-11-21 14:28 2020-12-31 Show GitHub Exploit DB Packet Storm
209332 7.5 HIGH
Network 		mantisbt mantisbt An issue was discovered in MantisBT before 2.24.4. An incorrect access check in bug_revision_view_page.php allows an unprivileged attacker to view the Summary field of private issues, as well as bugn… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-35849 2024-11-21 14:28 2020-12-31 Show GitHub Exploit DB Packet Storm
209333 6.5 MEDIUM
Network 		cockpit-project cockpit An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-35850 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209334 9.8 CRITICAL
Network 		agentejo cockpit Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function. CWE-89
SQL Injection 		CVE-2020-35848 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209335 9.8 CRITICAL
Network 		agentejo cockpit Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function. CWE-89
SQL Injection 		CVE-2020-35847 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209336 9.8 CRITICAL
Network 		agentejo cockpit Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. CWE-89
SQL Injection 		CVE-2020-35846 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209337 5.4 MEDIUM
Network 		netgear d6200_firmware
d7000_firmware
jnr1010v2_firmware
jr6150_firmware
jwnr2010v5_firmware
r6020_firmware
r6050_firmware
r6080_firmware
r6120_firmware
r6220_firmware
r6260_fir… 		Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 be… CWE-79
Cross-site Scripting 		CVE-2020-35842 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209338 7.6 HIGH
Network 		netgear d6200_firmware
d7000_firmware
jnr1010v2_firmware
jr6150_firmware
jwnr2010v5_firmware
r6020_firmware
r6050_firmware
r6080_firmware
r6120_firmware
r6220_firmware
r6260_fir… 		Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 be… CWE-79
Cross-site Scripting 		CVE-2020-35841 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209339 5.4 MEDIUM
Network 		netgear d6200_firmware
d7000_firmware
jnr1010v2_firmware
jr6150_firmware
jwnr2010v5_firmware
r6020_firmware
r6050_firmware
r6080_firmware
r6120_firmware
r6220_firmware
r6260_fir… 		Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 be… CWE-79
Cross-site Scripting 		CVE-2020-35840 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm
209340 8.1 HIGH
Network 		netgear d7800_firmware
r7500v2_firmware
r7800_firmware
r8900_firmware
r9000_firmware
xr500_firmware
xr700_firmware
rax120_firmware 		Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, XR500 before 2.3.… CWE-79
Cross-site Scripting 		CVE-2020-35839 2024-11-21 14:28 2020-12-30 Show GitHub Exploit DB Packet Storm