Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249241	10	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2012-0444	2012-06-1 14:19	2012-01-31	Show	GitHub Exploit DB Packet Storm

249242	7.8	危険	シスコシステムズ	-	Cisco ASR 9000 および CRS シリーズの Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-2488	2012-06-1 14:14	2012-05-30	Show	GitHub Exploit DB Packet Storm

249243	6.8	警告	TYPO3 Association	-	TYPO3 の fileDenyPattern 機能におけるアクセス制限を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2010-5099	2012-06-1 13:50	2010-12-16	Show	GitHub Exploit DB Packet Storm

249244	2.6	注意	株式会社バンダイナムコゲームス	-	魔法少女まどか☆マギカ iP for Android における情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2012-2630	2012-06-1 12:04	2012-06-1	Show	GitHub Exploit DB Packet Storm

249245	7.5	危険	Segue Project	-	Segue における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1255	2012-06-1 12:03	2012-06-1	Show	GitHub Exploit DB Packet Storm

249246	4.3	警告	Segue Project	-	Segue におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1254	2012-06-1 12:02	2012-06-1	Show	GitHub Exploit DB Packet Storm

249247	7.5	危険	Jaow	-	Jaow の add_ons.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2952	2012-05-31 14:52	2012-05-29	Show	GitHub Exploit DB Packet Storm

249248	7.5	危険	Plogger Project	-	Plogger の plog-rss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2951	2012-05-31 14:52	2012-05-29	Show	GitHub Exploit DB Packet Storm

249249	3.3	注意	Puppet	-	Puppet および Puppet Enterprise における任意のファイルを上書きされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1906	2012-05-31 14:25	2012-05-29	Show	GitHub Exploit DB Packet Storm

249250	4.3	警告	ikiwiki	-	ikiwiki のメタプラグイン (Plugin/meta.pm) におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0220	2012-05-31 14:15	2012-05-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209931	5.3	MEDIUM Network	premid	premid	managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information.	CWE-862 Missing Authorization	CVE-2020-24928	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

209932	6.5	MEDIUM Network	stiltsoft	table_filter_and_charts_for_confluence_server	The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24898	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

209933	8.9	HIGH Network	stiltsoft	table_filter_and_charts_for_confluence_server	The Table Filter and Charts for Confluence Server app before 5.3.25 (for Atlassian Confluence) allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting (XSS) through the…	CWE-79 Cross-site Scripting	CVE-2020-24897	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

209934	9.8	CRITICAL Network	mpxj oracle	mpxj primavera_unifier	MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components.	CWE-611 XXE	CVE-2020-25020	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

209935	7.5	HIGH Network	jitsi	meet_electron	jitsi-meet-electron (aka Jitsi Meet Electron) before 2.3.0 calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances.	CWE-345 Insufficient Verification of Data Authenticity	CVE-2020-25019	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

209936	9.1	CRITICAL Network	rgb-rust_project	rgb-rust	A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because stru…	CWE-119 CWE-843 Incorrect Access of Indexable Resource ('Range Error') Type Confusion	CVE-2020-25016	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

209937	7.8	HIGH Local	br-automation	automation_studio automation_net\/pvi	Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Auto…	-	CVE-2020-24682	2024-11-21 14:15	2024-02-2	Show	GitHub Exploit DB Packet Storm

209938	8.8	HIGH Local	br-automation	automation_studio	Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation Automation Studio allows Privilege Escalation.This issue affects Automation Studio: from 4.6.0 through…	-	CVE-2020-24681	2024-11-21 14:15	2024-02-2	Show	GitHub Exploit DB Packet Storm

209939	5.5	MEDIUM Local	ghost	sqlite3	Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.	CWE-120 Classic Buffer Overflow	CVE-2020-24736	2024-11-21 14:15	2023-04-12	Show	GitHub Exploit DB Packet Storm

209940	9.8	CRITICAL Network	capexweb_project	capexweb	Shilpi CAPExWeb 1.1 allows SQL injection via a servlet/capexweb.cap_sendMail GET request.	CWE-89 SQL Injection	CVE-2020-24600	2024-11-21 14:15	2022-12-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed