Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249231 5.8 警告 WordPress.org - WordPress におけるクリックジャックの脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3127 2012-03-27 18:43 2011-05-25 Show GitHub Exploit DB Packet Storm
249232 5 警告 WordPress.org - WordPress におけるユーザ名を特定される脆弱性 CWE-200
情報漏えい 		CVE-2011-3126 2012-03-27 18:43 2011-05-25 Show GitHub Exploit DB Packet Storm
249233 10 危険 WordPress.org - WordPress における脆弱性 CWE-noinfo
情報不足 		CVE-2011-3125 2012-03-27 18:43 2011-05-25 Show GitHub Exploit DB Packet Storm
249234 7.2 危険 IBM - IBM InfoSphere DataStage および他の製品で使用される IBM InfoSphere Information Server における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3124 2012-03-27 18:43 2011-08-10 Show GitHub Exploit DB Packet Storm
249235 7.2 危険 IBM - IBM InfoSphere DataStage および他の製品で使用される IBM InfoSphere Information Server における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3123 2012-03-27 18:43 2011-08-10 Show GitHub Exploit DB Packet Storm
249236 10 危険 WordPress.org - WordPress における脆弱性 CWE-noinfo
情報不足 		CVE-2011-3122 2012-03-27 18:43 2011-05-25 Show GitHub Exploit DB Packet Storm
249237 5 警告 Novell - Novell Data Synchronizer の WebAdmin における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3014 2012-03-27 18:43 2011-07-26 Show GitHub Exploit DB Packet Storm
249238 5 警告 Novell - Novell Data Synchronizer の WebAdmin におけるアクセス権を取得される脆弱性 CWE-310
暗号の問題 		CVE-2011-3013 2012-03-27 18:43 2011-07-26 Show GitHub Exploit DB Packet Storm
249239 10 危険 ioquake3
worldofpadman
urbanterror
tremulous		 - World of Padman などの製品で使用される ioQuake3 エンジンにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3012 2012-03-27 18:43 2011-08-9 Show GitHub Exploit DB Packet Storm
249240 5 警告 Ruby-lang.org - Ruby における乱数の値を推測される脆弱性 CWE-310
暗号の問題 		CVE-2011-3009 2012-03-27 18:43 2011-08-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213171 4.9 MEDIUM
Physics 		baxter prismaflex_firmware
prismax_firmware 		Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service password that provides access to biomedical information, device settings, calibr… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-12035 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213172 9.1 CRITICAL
Network 		baxter em2400_firmware
em1200_firmware 		Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with … CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-12032 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213173 6.1 MEDIUM
Physics 		baxter em2400_firmware
em1200_firmware 		Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical acce… NVD-CWE-Other
CVE-2020-12024 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213174 6.1 MEDIUM
Local 		baxter em2400_firmware
em1200_firmware 		Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non administrative users from gaining access to the operating system and editi… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2020-12020 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213175 9.8 CRITICAL
Network 		baxter em2400_firmware
em1200_firmware 		Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 a… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-12016 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213176 7.5 HIGH
Network 		baxter em2400_firmware
em1200_firmware 		Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an att… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-12008 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213177 6.1 MEDIUM
Physics 		baxter em2400_firmware
em1200_firmware 		Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, an… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-12012 2024-11-21 13:59 2020-06-29 Show GitHub Exploit DB Packet Storm
213178 7.5 HIGH
Network 		apache
canonical
oracle
opensuse
debian
netapp 		tomcat
ubuntu_linux
workload_manager
siebel_ui_framework
mysql_enterprise_monitor
leap
debian_linux
oncommand_system_manager 		A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient … NVD-CWE-noinfo
CVE-2020-11996 2024-11-21 13:59 2020-06-27 Show GitHub Exploit DB Packet Storm
213179 8.8 HIGH
Adjacent 		rockwellautomation factorytalk_services_platform In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent a… CWE-20
 Improper Input Validation  		CVE-2020-12033 2024-11-21 13:59 2020-06-24 Show GitHub Exploit DB Packet Storm
213180 9.0 CRITICAL
Network 		osisoft pi_web_api In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitr… CWE-79
Cross-site Scripting 		CVE-2020-12021 2024-11-21 13:59 2020-06-24 Show GitHub Exploit DB Packet Storm