Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
244291	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec の atrac3.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0853	2012-08-22 14:28	2012-03-15	Show	GitHub Exploit DB Packet Storm

244292	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec の adpcm.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-0852	2012-08-22 14:27	2012-06-9	Show	GitHub Exploit DB Packet Storm

244293	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec の h264_ps.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-0851	2012-08-22 14:04	2012-06-9	Show	GitHub Exploit DB Packet Storm

244294	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec の kmvc.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-3952	2012-08-22 14:02	2012-01-27	Show	GitHub Exploit DB Packet Storm

244295	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec 内の dpcm.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-3951	2012-08-22 13:52	2012-01-27	Show	GitHub Exploit DB Packet Storm

244296	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec 内の mjpegbdec.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3947	2012-08-22 12:33	2012-01-27	Show	GitHub Exploit DB Packet Storm

244297	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-3940	2012-08-22 12:30	2012-01-27	Show	GitHub Exploit DB Packet Storm

244298	4.3	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-3936	2012-08-22 12:29	2012-01-27	Show	GitHub Exploit DB Packet Storm

244299	6.8	警告	FFmpeg Libav	-	FFmpeg および Libav の libavcodec におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-3929	2012-08-22 12:19	2012-01-27	Show	GitHub Exploit DB Packet Storm

244300	10	危険	アドビシステムズ	-	Windows および Mac OS X 上の Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-4160	2012-08-21 18:30	2012-08-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
218351	8.8	HIGH Network	irfanview	irfanview	IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.	NVD-CWE-noinfo	CVE-2020-13905	2024-11-21 14:02	2020-06-11	Show	GitHub Exploit DB Packet Storm

218352	5.4	MEDIUM Network	enhancesoft	osticket	scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.	CWE-79 Cross-site Scripting	CVE-2020-14012	2024-11-21 14:02	2020-06-11	Show	GitHub Exploit DB Packet Storm

218353	6.1	MEDIUM Network	laborator	xenon	The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via the data/typeahead-generate.php q (aka name) parameter.	CWE-79 Cross-site Scripting	CVE-2020-14010	2024-11-21 14:02	2020-06-11	Show	GitHub Exploit DB Packet Storm

218354	8.8	HIGH Network	j2store	j2store	The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.	CWE-89 SQL Injection	CVE-2020-13996	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

218355	5.4	MEDIUM Network	your_online_shop_project	your_online_shop	Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change Surname operation.	CWE-79 Cross-site Scripting	CVE-2020-13911	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

218356	8.8	HIGH Adjacent	royalapps	royal_ts	Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-13872	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

218357	5.4	MEDIUM Network	themeboy	sportspress	The SportsPress plugin before 2.7.2 for WordPress allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-13892	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

218358	4.8	MEDIUM Network	opencart	opencart	OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists becau…	CWE-79 Cross-site Scripting	CVE-2020-13980	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

218359	7.2	HIGH Network	monstra	monstra_cms	Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the …	CWE-78 OS Command	CVE-2020-13978	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

218360	4.9	MEDIUM Network	nagios fedoraproject	nagios fedora	Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of t…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2020-13977	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed