Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249481	5.8	警告	マイクロソフト	-	Microsoft Forefront Unified Access Gateway におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-0146	2012-04-16 13:35	2012-04-10	Show	GitHub Exploit DB Packet Storm

249482	3.7	注意	ヒューレット・パッカード	-	HP ProCurve 5400 zl スイッチシリーズにおける任意のコードを実行される脆弱性	CWE-DesignError	CVE-2012-0133	2012-04-13 16:24	2012-04-10	Show	GitHub Exploit DB Packet Storm

249483	6.8	警告	ヒューレット・パッカード	-	HP System Management Homepage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-3846	2012-04-13 16:19	2012-04-12	Show	GitHub Exploit DB Packet Storm

249484	6.5	警告	Cloudera, Inc.	-	Cloudera Manager および Cloudera Service and Configuration Manager における任意のユーザアカウントになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2012-2230	2012-04-13 15:35	2011-04-12	Show	GitHub Exploit DB Packet Storm

249485	6.5	警告	Cloudera, Inc. Apache Software Foundation	-	Cloudera 製品で使用される Apache Hadoop における任意のクラスタユーザアカウントになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2012-1574	2012-04-13 15:33	2012-04-12	Show	GitHub Exploit DB Packet Storm

249486	5.8	警告	株式会社リクルート	-	どこでもリクナビ2013 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1240	2012-04-13 12:02	2012-04-13	Show	GitHub Exploit DB Packet Storm

249487	5.8	警告	COM Meets Ruby	-	ActiveScriptRuby に HTML 上で任意の Ruby スクリプトを実行可能な脆弱性	CWE-Other その他	CVE-2012-1241	2012-04-13 12:01	2012-04-13	Show	GitHub Exploit DB Packet Storm

249488	7.5	危険	360安全中心	-	360圧縮 (360zip) における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2225	2012-04-13 11:45	2012-04-11	Show	GitHub Exploit DB Packet Storm

249489	7.5	危険	迅雷	-	迅雷 (Xunlei Thunder) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-2224	2012-04-13 11:44	2012-03-6	Show	GitHub Exploit DB Packet Storm

249490	4.3	警告	Plume CMS	-	Plume CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2156	2012-04-13 11:07	2012-04-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209861	8.8	HIGH Network	raspap	raspap	An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (…	CWE-78 OS Command	CVE-2020-24572	2024-11-21 14:15	2020-08-25	Show	GitHub Exploit DB Packet Storm

209862	4.7	MEDIUM Local	fedoraproject	selinux-policy	An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode…	CWE-287 Improper Authentication	CVE-2020-24612	2024-11-21 14:15	2020-08-25	Show	GitHub Exploit DB Packet Storm

209863	7.5	HIGH Network	squid-cache canonical debian fedoraproject opensuse	squid ubuntu_linux debian_linux fedora leap	Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only o…	CWE-667 Improper Locking	CVE-2020-24606	2024-11-21 14:15	2020-08-25	Show	GitHub Exploit DB Packet Storm

209864	6.5	MEDIUM Network	wso2	identity_server_analytics api_microgateway api_manager enterprise_integrator api_manager_analytics	The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0,…	CWE-611 XXE	CVE-2020-24591	2024-11-21 14:15	2020-08-22	Show	GitHub Exploit DB Packet Storm

209865	9.1	CRITICAL Network	wso2	api_microgateway api_manager	The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks.	CWE-776 XML Entity Expansion	CVE-2020-24590	2024-11-21 14:15	2020-08-22	Show	GitHub Exploit DB Packet Storm

209866	9.1	CRITICAL Network	wso2	api_microgateway api_manager	The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection (XXE) attacks.	CWE-611 XXE	CVE-2020-24589	2024-11-21 14:15	2020-08-22	Show	GitHub Exploit DB Packet Storm

209867	5.3	MEDIUM Network	wolfssl	wolfssl	An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are…	NVD-CWE-noinfo	CVE-2020-24585	2024-11-21 14:15	2020-08-21	Show	GitHub Exploit DB Packet Storm

209868	7.8	HIGH Local	gog	galaxy	The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Wind…	CWE-798 Use of Hard-coded Credentials	CVE-2020-24574	2024-11-21 14:15	2020-08-21	Show	GitHub Exploit DB Packet Storm

209869	7.5	HIGH Network	nexusdb	nexusdb	NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal.	CWE-22 Path Traversal	CVE-2020-24571	2024-11-21 14:15	2020-08-21	Show	GitHub Exploit DB Packet Storm

209870	7.8	HIGH Local	voidtools	everything	voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged u…	NVD-CWE-noinfo	CVE-2020-24567	2024-11-21 14:15	2020-08-21	Show	GitHub Exploit DB Packet Storm