Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249241 6.8 警告 Opera Software ASA - Opera における任意のファイルをダウンロードおよび実行させられる脆弱性 CWE-DesignError
CVE-2012-1925 2012-03-29 15:48 2012-03-28 Show GitHub Exploit DB Packet Storm
249242 6.8 警告 Opera Software ASA - Opera における任意のファイルをダウンロードおよび実行させられる脆弱性 CWE-94
コード・インジェクション 		CVE-2012-1924 2012-03-29 15:47 2012-03-28 Show GitHub Exploit DB Packet Storm
249243 5 警告 PrivaWall - PrivaWall Antivirus のスキャナエンジンにおけるマルウェアの検出を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1907 2012-03-29 15:43 2012-03-28 Show GitHub Exploit DB Packet Storm
249244 6.4 警告 MaraDNS - MaraDNS における無効なドメイン名の継続的な名前解決を可能にされる脆弱性 CWE-DesignError
CVE-2012-1570 2012-03-29 15:25 2012-03-17 Show GitHub Exploit DB Packet Storm
249245 5.8 警告 ヒューレット・パッカード - HP-UX の WBEM 実装におけるアクセス権を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2012-0126 2012-03-29 14:32 2012-03-27 Show GitHub Exploit DB Packet Storm
249246 3.3 注意 ヒューレット・パッカード - HP-UX の WBEM 実装におけるアクセス権を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2012-0125 2012-03-29 14:32 2012-03-27 Show GitHub Exploit DB Packet Storm
249247 3.6 注意 富士通 - 富士通 Interstage List Works における拒否型アクセス権の設定が有効にならない脆弱性 CWE-264
認可・権限・アクセス制御 		- 2012-03-29 14:09 2012-03-26 Show GitHub Exploit DB Packet Storm
249248 4.3 警告 アドビシステムズ
日立		 - Adobe RoboHelp および RoboHelp Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2133 2012-03-28 10:30 2011-08-9 Show GitHub Exploit DB Packet Storm
249249 4.3 警告 アドビシステムズ
日立		 - Adobe RoboHelp および RoboHelp Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0613 2012-03-28 10:22 2011-05-12 Show GitHub Exploit DB Packet Storm
249250 5 警告 Zikula Foundation - Zikula における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3826 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199981 2.5 LOW
Local 		suse
opensuse 		linux_enterprise_server
leap 		A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for spe… - CVE-2020-8013 2024-11-21 14:38 2020-03-3 Show GitHub Exploit DB Packet Storm
199982 7.2 HIGH
Network 		artica pandora_fms In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-8500 2024-11-21 14:38 2020-03-3 Show GitHub Exploit DB Packet Storm
199983 9.8 CRITICAL
Network 		pdf-image_project pdf-image Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input. CWE-20
 Improper Input Validation  		CVE-2020-8132 2024-11-21 14:38 2020-02-29 Show GitHub Exploit DB Packet Storm
199984 6.1 MEDIUM
Network 		revealjs reveal.js Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. CWE-79
Cross-site Scripting 		CVE-2020-8127 2024-11-21 14:38 2020-02-29 Show GitHub Exploit DB Packet Storm
199985 7.5 HIGH
Network 		yarnpkg yarn Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install … CWE-22
Path Traversal 		CVE-2020-8131 2024-11-21 14:38 2020-02-25 Show GitHub Exploit DB Packet Storm
199986 6.4 MEDIUM
Local 		ruby-lang
debian
canonical
fedoraproject
opensuse 		rake
debian_linux
ubuntu_linux
fedora
leap 		There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. CWE-78
OS Command  		CVE-2020-8130 2024-11-21 14:38 2020-02-25 Show GitHub Exploit DB Packet Storm
199987 6.5 MEDIUM
Network 		puppet puppet_agent
puppet 		Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infras… CWE-295
Improper Certificate Validation  		CVE-2020-7942 2024-11-21 14:38 2020-02-20 Show GitHub Exploit DB Packet Storm
199988 9.8 CRITICAL
Network 		jyaml_project jyaml JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function. NOTE: this is a discontinued product. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-8441 2024-11-21 14:38 2020-02-20 Show GitHub Exploit DB Packet Storm
199989 9.8 CRITICAL
Network 		broadcom unified_infrastructure_management CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitra… CWE-120
Classic Buffer Overflow 		CVE-2020-8012 2024-11-21 14:38 2020-02-18 Show GitHub Exploit DB Packet Storm
199990 7.5 HIGH
Network 		broadcom unified_infrastructure_management CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash … CWE-476
 NULL Pointer Dereference 		CVE-2020-8011 2024-11-21 14:38 2020-02-18 Show GitHub Exploit DB Packet Storm