Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249301 9.3 危険 Foxit Software Inc - Foxit Reader の FreeType エンジンのType 1 フォントデコーダにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-1908 2012-03-27 18:43 2011-06-24 Show GitHub Exploit DB Packet Storm
249302 5 警告 Trustwave - Trustwave WebDefend Enterprise におけるイベント収集テーブルを読まれる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-1906 2012-03-27 18:43 2011-05-5 Show GitHub Exploit DB Packet Storm
249303 6.8 警告 Proofpoint, Inc. - Proofpoint Protection Server の管理モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-1905 2012-03-27 18:43 2011-05-5 Show GitHub Exploit DB Packet Storm
249304 7.5 危険 Proofpoint, Inc. - Proofpoint Protection Server の Web インターフェース中の関数における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2011-1904 2012-03-27 18:43 2011-05-5 Show GitHub Exploit DB Packet Storm
249305 7.5 危険 Proofpoint, Inc. - Proofpoint Protection Server の関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1903 2012-03-27 18:43 2011-05-5 Show GitHub Exploit DB Packet Storm
249306 5 警告 Proofpoint, Inc. - Proofpoint Protection Server の Web インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-1902 2012-03-27 18:43 2011-05-5 Show GitHub Exploit DB Packet Storm
249307 7.5 危険 Proofpoint, Inc. - Proofpoint Protection Server の メールフィルタ Web インターフェースにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-1901 2012-03-27 18:43 2011-05-5 Show GitHub Exploit DB Packet Storm
249308 10 危険 Schneider Electric - InduSoft Web Studio の NTWebServer におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-1900 2012-03-27 18:43 2011-05-4 Show GitHub Exploit DB Packet Storm
249309 10 危険 ヒューレット・パッカード - HP Intelligent Management Center の iNodeMngChecker.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-1867 2012-03-27 18:43 2011-07-11 Show GitHub Exploit DB Packet Storm
249310 10 危険 ヒューレット・パッカード - HP OpenView Storage Data Protector の omniinet.exe におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-1866 2012-03-27 18:43 2011-06-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212811 6.5 MEDIUM
Network 		lightbend play_framework In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed. CWE-352
 Origin Validation Error 		CVE-2020-12480 2024-11-21 13:59 2020-08-18 Show GitHub Exploit DB Packet Storm
212812 9.8 CRITICAL
Network 		dbsoft sglac An issue was discovered in DB Soft SGLAC before 20.05.001. The ProcedimientoGenerico method in the SVCManejador.svc webservice of the SGLAC web frontend allows an attacker to run arbitrary SQL comman… CWE-89
SQL Injection 		CVE-2020-12606 2024-11-21 13:59 2020-08-17 Show GitHub Exploit DB Packet Storm
212813 6.1 MEDIUM
Network 		tiny tinymce A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode. CWE-79
Cross-site Scripting 		CVE-2020-12648 2024-11-21 13:59 2020-08-14 Show GitHub Exploit DB Packet Storm
212814 8.2 HIGH
Local 		intel s2600wftr_firmware
s2600wf0r_firmware
s2600wfqr_firmware
s2600bpsr_firmware
s2600bpbr_firmware
s2600bpqr_firmware
s2600stqr_firmware
s2600stbr_firmware 		Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. CWE-665
 Improper Initialization 		CVE-2020-12301 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm
212815 8.2 HIGH
Local 		intel s2600stqr_firmware
s2600stbr_firmware
s2600bpsr_firmware
s2600bpbr_firmware
s2600bpqr_firmware
s2600wftr_firmware
s2600wf0r_firmware
s2600wfqr_firmware 		Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. CWE-20
 Improper Input Validation  		CVE-2020-12299 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm
212816 8.2 HIGH
Local 		intel s2600cw2_firmware
s2600cw2s_firmware
s2600cwt_firmware
s2600cwts_firmware
s2600cw2r_firmware
s2600cw2sr_firmware
s2600cwtr_firmware
s2600cwtsr_firmware
s2600kp_firmware
s26… 		Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local ac… CWE-824
 Access of Uninitialized Pointer 		CVE-2020-12300 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm
212817 7.8 HIGH
Local 		intel distribution_of_openvino_toolkit Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access. CWE-276
Incorrect Default Permissions  		CVE-2020-12287 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm
212818 9.8 CRITICAL
Network 		stengg vpncrypt_m10_firmware The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System. CWE-78
OS Command  		CVE-2020-12107 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm
212819 9.8 CRITICAL
Network 		stengg vpncrypt_m10_firmware The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Admini… CWE-306
Missing Authentication for Critical Function 		CVE-2020-12106 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm
212820 7.5 HIGH
Network 		dovecot
debian
fedoraproject
canonical 		dovecot
debian_linux
fedora
ubuntu_linux 		In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply ne… CWE-674
 Uncontrolled Recursion 		CVE-2020-12100 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm