Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249071 4.3 警告 Ruby on Rails project - Ruby on Rails の strip_tags ヘルパーにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2931 2012-03-27 18:43 2011-08-16 Show GitHub Exploit DB Packet Storm
249072 7.5 危険 Ruby on Rails project - Ruby on Rails の quote_table_name メソッドにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-2930 2012-03-27 18:43 2011-08-16 Show GitHub Exploit DB Packet Storm
249073 5 警告 Ruby on Rails project - Ruby on Rails のテンプレート選択機能における任意のビューを表示される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2929 2012-03-27 18:43 2011-08-17 Show GitHub Exploit DB Packet Storm
249074 4.9 警告 Linux - Linux kernel の befs_follow_link 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2928 2012-03-27 18:43 2011-08-29 Show GitHub Exploit DB Packet Storm
249075 7.5 危険 Adaptive Computing - Terascale Open-Source Resource におけるホストベースの認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-2907 2012-03-27 18:43 2011-08-15 Show GitHub Exploit DB Packet Storm
249076 6.8 警告 rhythm - tcptrack におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2903 2012-03-27 18:43 2011-09-2 Show GitHub Exploit DB Packet Storm
249077 7.5 危険 shttpd
yaSSL
valenok		 - Mongoose などの put_dir 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2900 2012-03-27 18:43 2011-08-5 Show GitHub Exploit DB Packet Storm
249078 5.1 警告 アップル
SWI-Prolog
The GIMP Team		 - CUPS などの製品で使用される LZW デコンプレッサにおける無限ループの脆弱性 CWE-119
バッファエラー 		CVE-2011-2896 2012-03-27 18:43 2011-08-19 Show GitHub Exploit DB Packet Storm
249079 4.3 警告 IBM - IBM Lotus Symphony 3 の DataPilot 機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-2893 2012-03-27 18:43 2011-07-27 Show GitHub Exploit DB Packet Storm
249080 4.3 警告 Joomla! - Joomla! におけるクリックジャッキング攻撃を誘発する脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2892 2012-03-27 18:43 2011-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212091 7.5 HIGH
Network 		aedes_project aedes An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream. CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2020-13410 2024-11-21 14:01 2020-08-27 Show GitHub Exploit DB Packet Storm
212092 8.8 HIGH
Network 		i-doit i-doit A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-13826 2024-11-21 14:01 2020-08-20 Show GitHub Exploit DB Packet Storm
212093 6.1 MEDIUM
Network 		i-doit i-doit A cross-site scripting (XSS) vulnerability in i-doit 1.14.2 allows remote attackers to inject arbitrary web script or HTML via the viewMode, tvMode, tvType, objID, catgID, objTypeID, or editMode para… CWE-79
Cross-site Scripting 		CVE-2020-13825 2024-11-21 14:01 2020-08-20 Show GitHub Exploit DB Packet Storm
212094 9.0 CRITICAL
Network 		securenvoy securmail SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie. CWE-22
Path Traversal 		CVE-2020-13376 2024-11-21 14:01 2020-08-8 Show GitHub Exploit DB Packet Storm
212095 9.8 CRITICAL
Network 		ivanti dsm_netinst Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key. CWE-798
 Use of Hard-coded Credentials 		CVE-2020-13793 2024-11-21 14:01 2020-08-7 Show GitHub Exploit DB Packet Storm
212096 8.8 HIGH
Network 		zyxel nas326_firmware
nas520_firmware
nas540_firmware
nas542_firmware 		Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects… CWE-287
Improper Authentication 		CVE-2020-13365 2024-11-21 14:01 2020-08-7 Show GitHub Exploit DB Packet Storm
212097 8.8 HIGH
Network 		zyxel nas326_firmware
nas520_firmware
nas540_firmware
nas542_firmware 		A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, … NVD-CWE-noinfo
CVE-2020-13364 2024-11-21 14:01 2020-08-7 Show GitHub Exploit DB Packet Storm
212098 8.8 HIGH
Network 		quadra-informatique atos\/sips The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection. CWE-78
OS Command  		CVE-2020-13404 2024-11-21 14:01 2020-08-6 Show GitHub Exploit DB Packet Storm
212099 6.1 MEDIUM
Network 		extremenetworks extreme_management_center Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. CWE-79
Cross-site Scripting 		CVE-2020-13819 2024-11-21 14:01 2020-08-5 Show GitHub Exploit DB Packet Storm
212100 7.1 HIGH
Local 		softperfect ram_disk An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file … NVD-CWE-noinfo
CVE-2020-13522 2024-11-21 14:01 2020-08-5 Show GitHub Exploit DB Packet Storm