Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249331 9.3 危険 camtron
tecvoz		 - Camtron CMNC-200 Full HD IP Camera の特定のActiveX コントロールにおけるスタックベースのバッファのオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4230 2012-03-27 18:42 2010-11-16 Show GitHub Exploit DB Packet Storm
249332 4.3 警告 IBM - IBM WebSphere Portal の SemanticTagService.js におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4219 2012-03-27 18:42 2010-11-9 Show GitHub Exploit DB Packet Storm
249333 10 危険 IBM - IBM ENOVIA 6 の Web Services における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2010-4218 2012-03-27 18:42 2010-11-9 Show GitHub Exploit DB Packet Storm
249334 5 警告 IBM - IBM Tivoli Directory Server (TDS) のプロキシサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4217 2012-03-27 18:42 2010-10-19 Show GitHub Exploit DB Packet Storm
249335 5 警告 IBM - IBM TDS におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2010-4216 2012-03-27 18:42 2010-10-29 Show GitHub Exploit DB Packet Storm
249336 6.5 警告 Foswiki - Foswiki の UI/Manage.pm における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4215 2012-03-27 18:42 2010-11-12 Show GitHub Exploit DB Packet Storm
249337 4.3 警告 wellsfargo - Android 用の Wells Fargo Mobile アプリケーションにおける重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-4214 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
249338 4.3 警告 bankofamerica - Android のバンク・オブ・アメリカのアプリケーションにおける重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-4213 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
249339 1.9 注意 USAA - USAA application for Android における重要なオンラインバンキングの情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4212 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
249340 2.9 注意 ebay - PayPal app における Paypal Web サーバになりすまされる脆弱性 CWE-287
不適切な認証 		CVE-2010-4211 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211401 4.6 MEDIUM
Physics 		coolkit ewelink Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eaves… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-12702 2024-11-21 14:00 2021-02-24 Show GitHub Exploit DB Packet Storm
211402 8.8 HIGH
Network 		atlassian alfresco_enterprise_content_management An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run a… CWE-74
Injection 		CVE-2020-12873 2024-11-21 14:00 2021-02-20 Show GitHub Exploit DB Packet Storm
211403 6.5 MEDIUM
Network 		hubspot jinjava Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrar… CWE-863
 Incorrect Authorization 		CVE-2020-12668 2024-11-21 14:00 2021-02-20 Show GitHub Exploit DB Packet Storm
211404 7.8 HIGH
Local 		digi connectport_x2e_firmware Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/py… CWE-59
Link Following 		CVE-2020-12878 2024-11-21 14:00 2021-02-18 Show GitHub Exploit DB Packet Storm
211405 6.5 MEDIUM
Network 		teradici cloud_access_connector An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID… CWE-352
 Origin Validation Error 		CVE-2020-13186 2024-11-21 14:00 2021-02-12 Show GitHub Exploit DB Packet Storm
211406 6.5 MEDIUM
Network 		teradici cloud_access_connector Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an atta… CWE-287
Improper Authentication 		CVE-2020-13185 2024-11-21 14:00 2021-02-12 Show GitHub Exploit DB Packet Storm
211407 9.8 CRITICAL
Network 		wavlink wn575a4_firmware
wn579x3_firmware 		Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request. CWE-77
Command Injection 		CVE-2020-13117 2024-11-21 14:00 2021-02-10 Show GitHub Exploit DB Packet Storm
211408 4.8 MEDIUM
Network 		tufin securechange Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The successful exploitation requires admin privileges (for storing the XSS payload itself), and can exploit (be trigg… CWE-79
Cross-site Scripting 		CVE-2020-13134 2024-11-21 14:00 2021-01-20 Show GitHub Exploit DB Packet Storm
211409 6.1 MEDIUM
Network 		tufin securechange Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The successful exploitation requires admin privileges (for storing the XSS payload itself), and can exploit (be trigg… CWE-79
Cross-site Scripting 		CVE-2020-13133 2024-11-21 14:00 2021-01-20 Show GitHub Exploit DB Packet Storm
211410 5.4 MEDIUM
Network 		carbonite server_backup_portal OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an authenticated user via policy creation. CWE-79
Cross-site Scripting 		CVE-2020-13116 2024-11-21 14:00 2021-01-13 Show GitHub Exploit DB Packet Storm