Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248711 7.6 危険 Xelex - Android 用の Xelex MobileTrack アプリケーションにおけるコマンドを実行される脆弱性 CWE-20
CWE-287
CVE-2012-2562 2012-05-23 15:33 2012-05-22 Show GitHub Exploit DB Packet Storm
248712 10 危険 シマンテック - Symantec Web Gateway の管理画面における任意のコードをアップロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0299 2012-05-23 13:50 2012-05-17 Show GitHub Exploit DB Packet Storm
248713 6.4 警告 シマンテック - Symantec Web Gateway の管理画面のファイル管理スクリプトにおける任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0298 2012-05-23 13:47 2012-05-17 Show GitHub Exploit DB Packet Storm
248714 10 危険 シマンテック - Symantec Web Gateway の管理画面における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0297 2012-05-23 13:46 2012-05-17 Show GitHub Exploit DB Packet Storm
248715 4.3 警告 シマンテック - Symantec Web Gateway の管理画面におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0296 2012-05-23 13:41 2012-05-17 Show GitHub Exploit DB Packet Storm
248716 10 危険 X.Org Foundation - X.Org X11 の os/log.c 内の LogVHdrMessageVerb 関数におけるフォーマットストリングの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2118 2012-05-22 16:19 2012-05-18 Show GitHub Exploit DB Packet Storm
248717 3.3 注意 Debian - texlive-extra-utils の latex2man における任意のファイルを上書される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2120 2012-05-22 16:02 2012-05-18 Show GitHub Exploit DB Packet Storm
248718 10 危険 The PHP Group - PHP の com_print_typeinfo 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2376 2012-05-22 11:53 2012-05-21 Show GitHub Exploit DB Packet Storm
248719 9.3 危険 リアルネットワークス - RealNetworks RealPlayer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2411 2012-05-22 11:40 2012-05-18 Show GitHub Exploit DB Packet Storm
248720 9.3 危険 リアルネットワークス - RealNetworks RealPlayer における任意のコードを実行される脆弱性 CWE-DesignError
CVE-2012-2406 2012-05-22 11:40 2012-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211331 7.5 HIGH
Network 		openvpn openvpn_access_server OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial t… CWE-613
 Insufficient Session Expiration 		CVE-2020-15074 2024-11-21 14:04 2020-07-15 Show GitHub Exploit DB Packet Storm
211332 5.4 MEDIUM
Network 		envoyproxy envoy In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. For e… CWE-346
 Origin Validation Error 		CVE-2020-15104 2024-11-21 14:04 2020-07-15 Show GitHub Exploit DB Packet Storm
211333 7.5 HIGH
Network 		supremainc biostar_2 An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal. CWE-22
Path Traversal 		CVE-2020-15050 2024-11-21 14:04 2020-07-14 Show GitHub Exploit DB Packet Storm
211334 5.4 MEDIUM
Network 		django_two-factor_authentication_project django_two-factor_authentication Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-15105 2024-11-21 14:04 2020-07-11 Show GitHub Exploit DB Packet Storm
211335 8.6 HIGH
Network 		amazon tough The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumve… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-15093 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
211336 4.8 MEDIUM
Network 		northwestern timelinejs In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whethe… CWE-79
Cross-site Scripting 		CVE-2020-15092 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
211337 5.3 MEDIUM
Adjacent 		yubico yubikey_5_nfc_firmware An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is … CWE-862
 Missing Authorization 		CVE-2020-15001 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
211338 5.9 MEDIUM
Network 		yubico yubikey_5_nfc_firmware A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. OpenPGP has three passwords: Admin PIN, Reset Code, and User PIN. The Reset Code is used to reset the User PIN, but… NVD-CWE-Other
CVE-2020-15000 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
211339 5.4 MEDIUM
Network 		phplist phplist An issue was discovered in phpList through 3.5.4. An XSS vulnerability occurs within the Import Administrators section via upload of an edited text document. This also affects the Subscriber Lists se… CWE-79
Cross-site Scripting 		CVE-2020-15073 2024-11-21 14:04 2020-07-9 Show GitHub Exploit DB Packet Storm
211340 8.8 HIGH
Network 		phplist phplist An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section. CWE-89
SQL Injection 		CVE-2020-15072 2024-11-21 14:04 2020-07-9 Show GitHub Exploit DB Packet Storm