Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248991	5	警告	ヒューレット・パッカード	-	HP Onboard Administrator における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-0130	2012-04-9 09:59	2012-04-2	Show	GitHub Exploit DB Packet Storm

248992	7.6	危険	ヒューレット・パッカード	-	HP Onboard Administrator におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0129	2012-04-9 09:55	2012-04-2	Show	GitHub Exploit DB Packet Storm

248993	5.8	警告	ヒューレット・パッカード	-	HP Onboard Administrator におけるユーザを任意の Web サイトにリダイレクトされる脆弱性	CWE-20 不適切な入力確認	CVE-2012-0128	2012-04-9 09:51	2012-04-2	Show	GitHub Exploit DB Packet Storm

248994	5	警告	GitHub	-	GitHub Enterprise における public_key[user_id] の値を設定される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-2055	2012-04-6 16:21	2012-04-4	Show	GitHub Exploit DB Packet Storm

248995	5	警告	Redmine	-	Redmine における属性を設定される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-2054	2012-04-6 16:21	2012-03-6	Show	GitHub Exploit DB Packet Storm

248996	5	警告	Spree Commerce	-	Spree のセッション Cookie ストアの実装における暗号保護メカニズムを容易に回避される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-7311	2012-04-6 16:19	2008-08-12	Show	GitHub Exploit DB Packet Storm

248997	5	警告	Spree Commerce	-	Spree における Order ステートの値を設定される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-7310	2012-04-6 16:16	2008-09-16	Show	GitHub Exploit DB Packet Storm

248998	5	警告	Insoshi	-	Insoshi における ForumPost user_id の値を設定される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-7309	2012-04-6 16:15	2008-09-21	Show	GitHub Exploit DB Packet Storm

248999	3.5	注意	OpenBSD	-	OpenSSH の gss-serv.c 内の ssh_gssapi_parse_ename 関数におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-189 数値処理の問題	CVE-2011-5000	2012-04-6 16:00	2012-04-5	Show	GitHub Exploit DB Packet Storm

249000	7.2	危険	F5 Networks	-	F5 FirePass の sudoers ファイルにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2053	2012-04-6 15:53	2012-04-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211051	9.8	CRITICAL Network	zyxel	cloud_cnm_secumanager	Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.	CWE-94 Code Injection	CVE-2020-15348	2024-11-21 14:05	2020-06-26	Show	GitHub Exploit DB Packet Storm

211052	7.2	HIGH Network	turnkeylinux	support_incident_tracker	Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parame…	CWE-89 SQL Injection	CVE-2020-15308	2024-11-21 14:05	2020-06-26	Show	GitHub Exploit DB Packet Storm

211053	5.5	MEDIUM Local	openexr fedoraproject opensuse debian canonical	openexr fedora leap debian_linux ubuntu_linux	An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.	CWE-787 Out-of-bounds Write	CVE-2020-15306	2024-11-21 14:05	2020-06-26	Show	GitHub Exploit DB Packet Storm

211054	5.5	MEDIUM Local	openexr fedoraproject opensuse debian canonical	openexr fedora leap debian_linux ubuntu_linux	An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.	CWE-416 Use After Free	CVE-2020-15305	2024-11-21 14:05	2020-06-26	Show	GitHub Exploit DB Packet Storm

211055	5.5	MEDIUM Local	openexr fedoraproject opensuse	openexr fedora leap	An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by …	CWE-476 NULL Pointer Dereference	CVE-2020-15304	2024-11-21 14:05	2020-06-26	Show	GitHub Exploit DB Packet Storm

211056	7.5	HIGH Network	argent	recoverymanager	In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery function does not require any signatures in the zero-guardian case, which allows attackers to cause a …	CWE-347 Improper Verification of Cryptographic Signature	CVE-2020-15302	2024-11-21 14:05	2020-06-26	Show	GitHub Exploit DB Packet Storm

211057	7.5	HIGH Network	acronis	agent	A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data.	NVD-CWE-noinfo	CVE-2020-14999	2024-11-21 14:04	2021-07-30	Show	GitHub Exploit DB Packet Storm

211058	5.3	MEDIUM Network	openvpn	openvpn_access_server	OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be us…	CWE-287 Improper Authentication	CVE-2020-15077	2024-11-21 14:04	2021-06-4	Show	GitHub Exploit DB Packet Storm

211059	7.8	HIGH Local	openvpn	private_tunnel	Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp.	CWE-59 Link Following	CVE-2020-15076	2024-11-21 14:04	2021-05-27	Show	GitHub Exploit DB Packet Storm

211060	9.8	CRITICAL Network	ampache	ampache	Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and t…	-	CVE-2020-15153	2024-11-21 14:04	2021-05-1	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed