Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249021	4.3	警告	Nancy Wichmann	-	Drupal 用 Glossary モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2339	2012-05-23 19:00	2012-05-21	Show	GitHub Exploit DB Packet Storm

249022	2.6	注意	Ishmael Sanchez	-	Drupal 用 Aberdeen テーマの aberdeen_breadcrumb 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2907	2012-05-23 18:57	2012-05-21	Show	GitHub Exploit DB Packet Storm

249023	5	警告	mark pilgrim	-	Universal Feed Parser におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2921	2012-05-23 18:50	2012-05-2	Show	GitHub Exploit DB Packet Storm

249024	4.3	警告	Weston Ruter	-	WordPress 用 User Photo プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2920	2012-05-23 18:48	2012-05-21	Show	GitHub Exploit DB Packet Storm

249025	4.3	警告	Andrew Killen	-	WordPress 用 Share and Follow プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2917	2012-05-23 18:47	2012-05-21	Show	GitHub Exploit DB Packet Storm

249026	4.3	警告	dlo	-	WordPress 用 Sabre プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2916	2012-05-23 18:46	2012-05-21	Show	GitHub Exploit DB Packet Storm

249027	4.3	警告	Hind	-	WordPress 用 Leaflet プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2913	2012-05-23 18:41	2012-05-21	Show	GitHub Exploit DB Packet Storm

249028	4.3	警告	Kolja Schleich	-	WordPress 用 LeagueManager プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2912	2012-05-23 18:25	2012-05-21	Show	GitHub Exploit DB Packet Storm

249029	5	警告	Chevereto Software	-	Chevereto の Upload/engine.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-2919	2012-05-23 18:19	2012-05-21	Show	GitHub Exploit DB Packet Storm

249030	4.3	警告	Chevereto Software	-	Chevereto の Upload/engine.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2918	2012-05-23 18:18	2012-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212841	8.1	HIGH Network	munkireport_project	munkireport	A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database.	CWE-352 Origin Validation Error	CVE-2020-15882	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212842	6.1	MEDIUM Network	munki_facts_project	munki_facts	A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module before 1.5 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name.	CWE-79 Cross-site Scripting	CVE-2020-15881	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212843	8.8	HIGH Network	embedthis	goahead	The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via c…	CWE-294 Authentication Bypass by Capture-replay	CVE-2020-15688	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212844	7.5	HIGH Network	cauldrondevelopment	c\!	tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive.	CWE-22 Path Traversal	CVE-2020-15908	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212845	7.8	HIGH Local	pypi	bsdiff4	A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.	CWE-787 Out-of-bounds Write	CVE-2020-15904	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212846	6.1	MEDIUM Network	nagios	nagios_xi	Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option.	CWE-79 Cross-site Scripting	CVE-2020-15902	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212847	8.8	HIGH Network	nagios	nagios_xi	In Nagios XI before 5.7.3, ajaxhelper.php allows remote authenticated attackers to execute arbitrary commands via cmdsubsys.	NVD-CWE-noinfo	CVE-2020-15901	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212848	6.1	MEDIUM Network	dlink	dir-816l_firmware	An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the we…	CWE-79 Cross-site Scripting	CVE-2020-15895	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212849	7.5	HIGH Network	dlink	dir-816l_firmware	An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utili…	CWE-306 Missing Authentication for Critical Function	CVE-2020-15894	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

212850	7.5	HIGH Network	dlink	dap-1522_firmware	An authentication-bypass issue was discovered on D-Link DAP-1522 devices 1.4x before 1.10b04Beta02. There exist a few pages that are directly accessible by any unauthorized user, e.g., logout.php and…	CWE-287 Improper Authentication	CVE-2020-15896	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed