Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249351 5 警告 Yaws - Yaws におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4181 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
249352 4 警告 dracut Project
kernel.org		 - dracut におけるローカルユーザの tty0 からターナミルデータを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4176 2012-03-27 18:42 2010-12-7 Show GitHub Exploit DB Packet Storm
249353 3.3 注意 OpenFabrics Alliance - libsdp の libsdp.conf のディフォルト設定における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4173 2012-03-27 18:42 2010-11-22 Show GitHub Exploit DB Packet Storm
249354 5 警告 OpenTTD - OpenTTD におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4168 2012-03-27 18:42 2010-11-17 Show GitHub Exploit DB Packet Storm
249355 7.5 危険 Joomla! - Joomla! における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4166 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
249356 6.9 警告 Mono Project - Mono の metadata/loader.c における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-4159 2012-03-27 18:42 2010-09-26 Show GitHub Exploit DB Packet Storm
249357 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4155 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
249358 9.3 危険 rhinosoft - Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4154 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
249359 9.3 危険 crossftp - CrossFTP Pro におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4153 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
249360 7.5 危険 4site - 4site CMS の catalog/index.shtml における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4152 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198061 5.4 MEDIUM
Network 		schneider-electric ecostruxure_energy_expert
ecostruxure_power_monitoring_expert
power_manager
powerscada_operation_with_advanced_reporting_and_dashboards
powerscada_expert_with_advanced_reporting_and_dashb… 		A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for versio… - CVE-2020-7546 2024-11-21 14:37 2020-12-2 Show GitHub Exploit DB Packet Storm
198062 7.2 HIGH
Network 		schneider-electric ecostruxure_energy_expert
ecostruxure_power_monitoring_expert
power_manager
powerscada_operation_with_advanced_reporting_and_dashboards
powerscada_expert_with_advanced_reporting_and_dashb… 		A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for … NVD-CWE-Other
CVE-2020-7545 2024-11-21 14:37 2020-12-2 Show GitHub Exploit DB Packet Storm
198063 9.8 CRITICAL
Network 		schneider-electric modicon_m340_bmxp3420302_firmware
modicon_m340_bmxp342000_firmware
modicon_m340_bmxp341000_firmware
modicon_m340_bmxp3420102_firmware
bmxnoe0100_firmware
bmxnoe0110_firmware
bmxnoc0… 		A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for v… NVD-CWE-noinfo
CVE-2020-7533 2024-11-21 14:37 2020-12-2 Show GitHub Exploit DB Packet Storm
198064 7.8 HIGH
Local 		mcafee total_protection Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by cr… - CVE-2020-7335 2024-11-21 14:37 2020-12-1 Show GitHub Exploit DB Packet Storm
198065 8.8 HIGH
Network 		softwaremill akka-http-session This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-ses… CWE-352
 Origin Validation Error 		CVE-2020-7780 2024-11-21 14:37 2020-11-28 Show GitHub Exploit DB Packet Storm
198066 7.5 HIGH
Network 		djvalidator_project djvalidator All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-7779 2024-11-21 14:37 2020-11-26 Show GitHub Exploit DB Packet Storm
198067 7.3 HIGH
Network 		systeminformation systeminformation This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands. CWE-78
OS Command  		CVE-2020-7778 2024-11-21 14:37 2020-11-26 Show GitHub Exploit DB Packet Storm
198068 9.1 CRITICAL
Network 		opencrx opencrx CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the pass… CWE-287
Improper Authentication 		CVE-2020-7378 2024-11-21 14:37 2020-11-25 Show GitHub Exploit DB Packet Storm
198069 7.2 HIGH
Network 		jsen_project jsen This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is… NVD-CWE-noinfo
CVE-2020-7777 2024-11-21 14:37 2020-11-24 Show GitHub Exploit DB Packet Storm
198070 6.6 MEDIUM
Network 		netu wf2429tb_firmware Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting (using ntpServerlp1 parameter) for the users.… CWE-20
 Improper Input Validation  		CVE-2020-7842 2024-11-21 14:37 2020-11-21 Show GitHub Exploit DB Packet Storm