Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249131 7.5 危険 Hycus CMS project - Hycus CMS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4613 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249132 6.8 警告 Hycus CMS project - Hycus CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4612 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249133 5 警告 html-edit - Html-edit CMS における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-4611 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249134 4.3 警告 html-edit - Html-edit CMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4610 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249135 7.5 危険 html-edit - Html-edit CMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4609 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249136 5 警告 habariproject - Habari における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-4608 2012-03-27 18:42 2010-12-4 Show GitHub Exploit DB Packet Storm
249137 2.6 注意 habariproject - Habari におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4607 2012-03-27 18:42 2010-12-4 Show GitHub Exploit DB Packet Storm
249138 10 危険 IBM - IBM TSM の Space Management クライアントにおける任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4606 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249139 6.6 警告 IBM - IBM TSM の backup-archive クライアントにおける任意のファイルを上書される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4605 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
249140 6.9 警告 IBM - IBM TSM の GeneratePassword 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4604 2012-03-27 18:42 2010-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211891 9.6 CRITICAL
Network 		gitlab gitlab In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow. CWE-287
Improper Authentication 		CVE-2020-13292 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
211892 8.8 HIGH
Network 		combodo itop Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery. CWE-352
 Origin Validation Error 		CVE-2020-12781 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
211893 7.5 HIGH
Network 		combodo itop A security misconfiguration exists in Combodo iTop, which can expose sensitive information. CWE-863
 Incorrect Authorization 		CVE-2020-12780 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
211894 5.4 MEDIUM
Network 		combodo itop Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script. CWE-79
Cross-site Scripting 		CVE-2020-12779 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
211895 6.1 MEDIUM
Network 		combodo itop Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack. CWE-79
Cross-site Scripting 		CVE-2020-12778 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
211896 7.5 HIGH
Network 		combodo itop A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. CWE-200
Information Exposure 		CVE-2020-12777 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
211897 9.8 CRITICAL
Network 		aerospike aerospike_server Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code exe… CWE-78
OS Command  		CVE-2020-13151 2024-11-21 14:00 2020-08-5 Show GitHub Exploit DB Packet Storm
211898 5.3 MEDIUM
Network 		fanuc series_30i_firmware
series_31i_firmware
series_32i-b_plus_firmware
series_35i-b_firmware
power_motion_i-model_a_firmware
series_0i-model_f_plus_firmware
series_0i-model_f_firmware 		A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-12739 2024-11-21 14:00 2020-08-4 Show GitHub Exploit DB Packet Storm
211899 7.5 HIGH
Network 		cherokee-project cherokee Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. A remote unauthenticated attacker can crash the server by sending an HTTP request to protected resour… CWE-476
 NULL Pointer Dereference 		CVE-2020-12845 2024-11-21 14:00 2020-07-28 Show GitHub Exploit DB Packet Storm
211900 5.5 MEDIUM
Local 		pulsesecure
ivanti 		pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure 		An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping in… NVD-CWE-noinfo
CVE-2020-12880 2024-11-21 14:00 2020-07-28 Show GitHub Exploit DB Packet Storm