Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249111 7.5 危険 site2nite - Site2Nite VRBO Listings の detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4635 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
249112 7.5 危険 sumeffect - digiSHOP の cart.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4633 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
249113 7.5 危険 PilotCart - ASPilot Pilot Cart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4632 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
249114 4.3 警告 PilotCart - ASPilot Pilot Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4631 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
249115 4.3 警告 fubra - WordPress の WP Survey And Quiz Tool プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4630 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
249116 5 警告 MyBB Group - MyBB におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4629 2012-03-27 18:42 2010-02-1 Show GitHub Exploit DB Packet Storm
249117 5 警告 MyBB Group - MyBB の member.php におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2010-4628 2012-03-27 18:42 2010-01-8 Show GitHub Exploit DB Packet Storm
249118 6.8 警告 MyBB Group - MyBB の usercp2.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-4627 2012-03-27 18:42 2010-04-6 Show GitHub Exploit DB Packet Storm
249119 5.1 警告 MyBB Group - MyBB の my_rand 関数における任意のアカウントへのアクセスを取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-4626 2012-03-27 18:42 2010-04-3 Show GitHub Exploit DB Packet Storm
249120 5 警告 MyBB Group - MyBB における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-4625 2012-03-27 18:42 2010-03-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198871 4.9 MEDIUM
Network 		digi connectport_lts_32_mei_bios
connectport_lts_32_mei_firmware 		Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a maliciou… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-6975 2024-11-21 14:36 2020-02-13 Show GitHub Exploit DB Packet Storm
198872 7.5 HIGH
Network 		dovecot
fedoraproject 		dovecot
fedora 		lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login in… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-7046 2024-11-21 14:36 2020-02-13 Show GitHub Exploit DB Packet Storm
198873 7.5 HIGH
Network 		opensuse wicked An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-7217 2024-11-21 14:36 2020-02-11 Show GitHub Exploit DB Packet Storm
198874 9.1 CRITICAL
Network 		php
tenable
oracle
opensuse
debian 		php
tenable.sc
communications_diameter_signaling_router
leap
debian_linux 		When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause functi… CWE-125
Out-of-bounds Read 		CVE-2020-7060 2024-11-21 14:36 2020-02-10 Show GitHub Exploit DB Packet Storm
198875 9.1 CRITICAL
Network 		php
tenable
oracle
opensuse
debian 		php
tenable.sc
communications_diameter_signaling_router
leap
debian_linux 		When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function… CWE-125
Out-of-bounds Read 		CVE-2020-7059 2024-11-21 14:36 2020-02-10 Show GitHub Exploit DB Packet Storm
198876 9.8 CRITICAL
Network 		bosch bosch_video_management_system_mobile_video_service
divar_ip_3000_firmware
divar_ip_7000_firmware 		Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 … CWE-502
 Deserialization of Untrusted Data 		CVE-2020-6770 2024-11-21 14:36 2020-02-8 Show GitHub Exploit DB Packet Storm
198877 7.5 HIGH
Network 		bosch video_management_system_viewer
video_management_system 		A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects B… CWE-22
Path Traversal 		CVE-2020-6768 2024-11-21 14:36 2020-02-8 Show GitHub Exploit DB Packet Storm
198878 9.1 CRITICAL
Network 		bosch video_streaming_gateway
divar_ip_2000_firmware
divar_ip_5000_firmware 		Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streami… CWE-306
Missing Authentication for Critical Function 		CVE-2020-6769 2024-11-21 14:36 2020-02-8 Show GitHub Exploit DB Packet Storm
198879 9.8 CRITICAL
Network 		schmid-telecom zi_620_v400_firmware Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping. CWE-78
OS Command  		CVE-2020-6760 2024-11-21 14:36 2020-02-7 Show GitHub Exploit DB Packet Storm
198880 6.5 MEDIUM
Network 		sos-berlin jobscheduler An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of t… CWE-776
XML Entity Expansion 		CVE-2020-6856 2024-11-21 14:36 2020-02-7 Show GitHub Exploit DB Packet Storm