Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248941 3.5 注意 TYPO3 Association - TYPO3 の FORM コンテンツオブジェクトにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5098 2012-05-23 16:41 2010-12-16 Show GitHub Exploit DB Packet Storm
248942 2.6 注意 TYPO3 Association - TYPO3 のクリック拡張機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5097 2012-05-23 16:23 2010-12-16 Show GitHub Exploit DB Packet Storm
248943 6.4 警告 Atlassian - 複数の Atlassian 製品における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2926 2012-05-23 16:23 2012-05-22 Show GitHub Exploit DB Packet Storm
248944 2.6 注意 Xelex - Android 用の Xelex MobileTrack アプリケーションにおける重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-2567 2012-05-23 15:35 2012-05-22 Show GitHub Exploit DB Packet Storm
248945 7.6 危険 Xelex - Android 用の Xelex MobileTrack アプリケーションにおけるコマンドを実行される脆弱性 CWE-20
CWE-287
CVE-2012-2562 2012-05-23 15:33 2012-05-22 Show GitHub Exploit DB Packet Storm
248946 10 危険 シマンテック - Symantec Web Gateway の管理画面における任意のコードをアップロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0299 2012-05-23 13:50 2012-05-17 Show GitHub Exploit DB Packet Storm
248947 6.4 警告 シマンテック - Symantec Web Gateway の管理画面のファイル管理スクリプトにおける任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0298 2012-05-23 13:47 2012-05-17 Show GitHub Exploit DB Packet Storm
248948 10 危険 シマンテック - Symantec Web Gateway の管理画面における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0297 2012-05-23 13:46 2012-05-17 Show GitHub Exploit DB Packet Storm
248949 4.3 警告 シマンテック - Symantec Web Gateway の管理画面におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0296 2012-05-23 13:41 2012-05-17 Show GitHub Exploit DB Packet Storm
248950 10 危険 X.Org Foundation - X.Org X11 の os/log.c 内の LogVHdrMessageVerb 関数におけるフォーマットストリングの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2118 2012-05-22 16:19 2012-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213171 5.3 MEDIUM
Network 		mi xiaomi Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809 CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2020-14130 2024-11-21 14:02 2021-09-16 Show GitHub Exploit DB Packet Storm
213172 7.2 HIGH
Network 		mi ax3600_firmware There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 CWE-77
Command Injection 		CVE-2020-14109 2024-11-21 14:02 2021-09-16 Show GitHub Exploit DB Packet Storm
213173 7.5 HIGH
Network 		apache zeppelin Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin versio… NVD-CWE-noinfo
CVE-2020-13929 2024-11-21 14:02 2021-09-3 Show GitHub Exploit DB Packet Storm
213174 6.1 MEDIUM
Network 		thecodingmachine gotenberg It is possible to inject HTML and/or JavaScript in the HTML to PDF conversion in Gotenberg through 6.2.1 via the /convert/html endpoint. CWE-79
Cross-site Scripting 		CVE-2020-14161 2024-11-21 14:02 2021-08-26 Show GitHub Exploit DB Packet Storm
213175 7.5 HIGH
Network 		thecodingmachine gotenberg An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion, which results in a remote attacker being able to read local files or fetch intranet resources. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-14160 2024-11-21 14:02 2021-08-26 Show GitHub Exploit DB Packet Storm
213176 9.8 CRITICAL
Network 		asrock box-r1000_firmware ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. CWE-269
 Improper Privilege Management 		CVE-2020-14032 2024-11-21 14:02 2021-07-23 Show GitHub Exploit DB Packet Storm
213177 7.5 HIGH
Network 		apache
debian
fedoraproject
oracle 		http_server
debian_linux
fedora
instantis_enterprisetrack
enterprise_manager_ops_center
zfs_storage_appliance_kit 		Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, le… CWE-476
 NULL Pointer Dereference 		CVE-2020-13950 2024-11-21 14:02 2021-06-10 Show GitHub Exploit DB Packet Storm
213178 5.5 MEDIUM
Local 		apache
mcafee
netapp 		http_server
epolicy_orchestrator
cloud_backup 		Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows CWE-862
 Missing Authorization 		CVE-2020-13938 2024-11-21 14:02 2021-06-10 Show GitHub Exploit DB Packet Storm
213179 5.5 MEDIUM
Local 		redhat wildfly
jboss_enterprise_application_platform 		It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An atta… - CVE-2020-14317 2024-11-21 14:02 2021-06-2 Show GitHub Exploit DB Packet Storm
213180 6.5 MEDIUM
Network 		redhat
netapp 		libvirt
enterprise_linux
enterprise_linux_tus
enterprise_linux_eus
enterprise_linux_server_aus
enterprise_linux_server_update_services_for_sap_solutions
enterprise_linux_for_power_l… 		An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows… - CVE-2020-14301 2024-11-21 14:02 2021-05-28 Show GitHub Exploit DB Packet Storm