Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248631	6.5	警告	ITechScripts	-	Travelon Express における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2012-2939	2012-05-29 15:01	2012-05-27	Show	GitHub Exploit DB Packet Storm

248632	4.3	警告	ITechScripts	-	Travelon Express におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2938	2012-05-29 15:00	2012-05-27	Show	GitHub Exploit DB Packet Storm

248633	7.5	危険	Pligg	-	Pligg CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2937	2012-05-29 14:58	2012-05-27	Show	GitHub Exploit DB Packet Storm

248634	4.3	警告	Pligg	-	Pligg CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2936	2012-05-29 14:58	2012-05-27	Show	GitHub Exploit DB Packet Storm

248635	4.3	警告	Pligg	-	Pligg CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2436	2012-05-29 14:57	2012-05-27	Show	GitHub Exploit DB Packet Storm

248636	4.3	警告	osCommerce	-	OSCommerce Online Merchant におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2935	2012-05-29 14:18	2012-05-27	Show	GitHub Exploit DB Packet Storm

248637	2.6	注意	osCommerce	-	OSCommerce Online Merchant におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1792	2012-05-29 14:18	2012-05-27	Show	GitHub Exploit DB Packet Storm

248638	4.3	警告	The Support Incident Tracker Project	-	Support Incident Tracker におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2235	2012-05-29 14:14	2012-05-27	Show	GitHub Exploit DB Packet Storm

248639	2.6	注意	Zen Cart	-	Zen Cart におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1413	2012-05-29 14:13	2012-05-27	Show	GitHub Exploit DB Packet Storm

248640	10	危険	Seagate Technology LLC	-	Seagate BlackArmor NAS に脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2568	2012-05-29 13:47	2012-05-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199201	7.2	HIGH Network	tp-link	tl-wr841n_firmware	A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for th…	CWE-120 Classic Buffer Overflow	CVE-2020-8423	2024-11-21 14:38	2020-04-3	Show	GitHub Exploit DB Packet Storm

199202	6.3	MEDIUM Local	opensuse	texlive-filesystem leap	A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software …	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2020-8017	2024-11-21 14:38	2020-04-2	Show	GitHub Exploit DB Packet Storm

199203	7.0	HIGH Local	opensuse	texlive-filesystem	A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Developme…	-	CVE-2020-8016	2024-11-21 14:38	2020-04-2	Show	GitHub Exploit DB Packet Storm

199204	7.8	HIGH Local	exim	exim	A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exi…	-	CVE-2020-8015	2024-11-21 14:38	2020-04-2	Show	GitHub Exploit DB Packet Storm

199205	7.8	HIGH Local	ui	unifi_video	In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsE…	CWE-427 Uncontrolled Search Path Element	CVE-2020-8146	2024-11-21 14:38	2020-04-2	Show	GitHub Exploit DB Packet Storm

199206	6.5	MEDIUM Network	ui	unifi_video	The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belongi…	NVD-CWE-noinfo	CVE-2020-8145	2024-11-21 14:38	2020-04-2	Show	GitHub Exploit DB Packet Storm

199207	8.4	HIGH Adjacent	ui	unifi_video	The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure t…	CWE-22 Path Traversal	CVE-2020-8144	2024-11-21 14:38	2020-04-2	Show	GitHub Exploit DB Packet Storm

199208	8.8	HIGH Network	auth0	login_by_auth0	An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference.	NVD-CWE-Other	CVE-2020-7948	2024-11-21 14:38	2020-04-1	Show	GitHub Exploit DB Packet Storm

199209	9.8	CRITICAL Network	auth0	login_by_auth0	An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. It has numerous fields that can contain data that is pulled from different sources. One issue with this is that the da…	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2020-7947	2024-11-21 14:38	2020-04-1	Show	GitHub Exploit DB Packet Storm

199210	7.5	HIGH Network	zohocorp	manageengine_desktop_central	Zoho ManageEngine Desktop Central before 10.0.483 allows unauthenticated users to access PDFGenerationServlet, leading to sensitive information disclosure.	CWE-306 Missing Authentication for Critical Function	CVE-2020-8509	2024-11-21 14:38	2020-03-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed