Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249501	6.8	警告	アップルサイバートラスト株式会社 NTP Project ヒューレット・パッカードターボリナックスオラクル VMware レッドハット	-	NTP の ntpq における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-0159	2012-03-27 11:35	2009-04-14	Show	GitHub Exploit DB Packet Storm

249502	5	警告	アップルサイバートラスト株式会社レッドハットオラクル NTP Project	-	NTP における証明書チェーンの有効性を回避される脆弱性	CWE-287 不適切な認証	CVE-2009-0021	2012-03-27 11:01	2009-01-7	Show	GitHub Exploit DB Packet Storm

249503	5	警告	アップルサイバートラスト株式会社 PNG Development Group オラクル VMware レッドハット	-	libpng に含まれる pngrutil.c におけるメモリリークの脆弱性	CWE-399 リソース管理の問題	CVE-2010-2249	2012-03-27 10:32	2010-06-26	Show	GitHub Exploit DB Packet Storm

249504	7.5	危険	アップルサイバートラスト株式会社 Mozilla Foundation PNG Development Group オラクル VMware フェンリル株式会社レッドハット	-	libpng に脆弱性	CWE-119 バッファエラー	CVE-2010-1205	2012-03-27 10:29	2010-07-6	Show	GitHub Exploit DB Packet Storm

249505	7.8	危険	アップルサイバートラスト株式会社 PNG Development Group Lunascape オラクル VMware フェンリル株式会社レッドハット	-	libpng における圧縮された補助チャンクの処理に脆弱性	CWE-399 リソース管理の問題	CVE-2010-0205	2012-03-27 10:22	2010-03-4	Show	GitHub Exploit DB Packet Storm

249506	7.5	危険	クアンタムデル IBM	-	複数のテープライブラリ製品におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-1844	2012-03-26 18:12	2012-03-22	Show	GitHub Exploit DB Packet Storm

249507	5	警告	クアンタムデル	-	Quantum Scalar i500 および Dell ML6000 における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1841	2012-03-26 18:08	2012-03-22	Show	GitHub Exploit DB Packet Storm

249508	5	警告	LG-Nortel	-	LG-Nortel ELO GS24M に複数の脆弱性	CWE-287 不適切な認証	CVE-2012-1838	2012-03-26 16:29	2012-03-22	Show	GitHub Exploit DB Packet Storm

249509	7.5	危険	Webglimpse	-	WebGlimpse に OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2012-1795	2012-03-26 16:24	2012-03-20	Show	GitHub Exploit DB Packet Storm

249510	7.5	危険	Pydio	-	AjaXplorer におけるログインのアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-1840	2012-03-26 16:08	2012-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212491	7.8	HIGH Local	redhat	fabric8-maven	A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the mave…	CWE-502 Deserialization of Untrusted Data	CVE-2020-10721	2024-11-21 13:55	2020-10-23	Show	GitHub Exploit DB Packet Storm

212492	6.1	MEDIUM Local	infinispan	infinispan-server-runtime	A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to…	NVD-CWE-Other	CVE-2020-10746	2024-11-21 13:55	2020-10-20	Show	GitHub Exploit DB Packet Storm

212493	7.5	HIGH Network	redhat netapp	wildfly_elytron jboss_fuse process_automation descision_manager codeready_studio oncommand_insight	A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. …	-	CVE-2020-10714	2024-11-21 13:55	2020-09-23	Show	GitHub Exploit DB Packet Storm

212494	4.8	MEDIUM Network	redhat	undertow single_sign-on jboss_enterprise_application_platform	A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid …	-	CVE-2020-10687	2024-11-21 13:55	2020-09-23	Show	GitHub Exploit DB Packet Storm

212495	7.5	HIGH Network	redhat	jboss_fuse wildfly	A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a …	NVD-CWE-Other	CVE-2020-10718	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

212496	6.1	MEDIUM Network	redhat	keycloak single_sign-on	A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or furt…	CWE-79 Cross-site Scripting	CVE-2020-10748	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

212497	4.3	MEDIUM Network	redhat	openshift	A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the…	CWE-20 Improper Input Validation	CVE-2020-10715	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

212498	7.3	HIGH Local	postgresql	postgresql	The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working…	CWE-426 Untrusted Search Path	CVE-2020-10733	2024-11-21 13:55	2020-09-17	Show	GitHub Exploit DB Packet Storm

212499	8.8	HIGH Network	vtenext	vtenext	A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts.	CWE-352 Origin Validation Error	CVE-2020-10229	2024-11-21 13:55	2020-09-15	Show	GitHub Exploit DB Packet Storm

212500	8.8	HIGH Network	vtenext	vtenext	A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-10228	2024-11-21 13:55	2020-09-15	Show	GitHub Exploit DB Packet Storm