Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249661 6.8 警告 blaenkdenum - WordPress の Recaptcha プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-0759 2012-03-27 18:43 2011-03-22 Show GitHub Exploit DB Packet Storm
249662 10 危険 CA Technologies - CA ETrust Secure Content Manager および CA Gateway Securit の eCS コンポーネントにおける サービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2011-0758 2012-03-27 18:43 2011-02-8 Show GitHub Exploit DB Packet Storm
249663 5 警告 Trustwave - Trustwave WebDefend Enterprise のアプリケーションサーバにおけるセキュリティイベントデータを読まれる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-0756 2012-03-27 18:43 2011-05-4 Show GitHub Exploit DB Packet Storm
249664 7.5 危険 nazgul - nhttpd におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-0751 2012-03-27 18:43 2011-03-16 Show GitHub Exploit DB Packet Storm
249665 6.8 警告 Tincan - phpList におけるクロスサイトリクエストフォージェリ脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-0748 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
249666 4.3 警告 ZyXEL - ZyXEL O2 DSL Router Classic の Forms/PortForwarding_Edit_1 におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-0746 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
249667 4 警告 SugarCRM - SugarCRM における顧客名などを発見される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0745 2012-03-27 18:43 2011-03-16 Show GitHub Exploit DB Packet Storm
249668 10 危険 Novell - Novell ZENworks Handheld Management の ZfHIPCND.exe におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-0742 2012-03-27 18:43 2011-01-25 Show GitHub Exploit DB Packet Storm
249669 4.3 警告 MODX - ModX Evolution におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0741 2012-03-27 18:43 2011-02-1 Show GitHub Exploit DB Packet Storm
249670 4.3 警告 WordPress.org
pleer		 - WordPress 用の RSS Feed Reader の magpie/scripts/magpie_slashbox.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0740 2012-03-27 18:43 2011-02-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210451 9.8 CRITICAL
Network 		smartstore smartstore Affected versions of Smartstore have a missing WebApi Authentication attribute. This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plu… CWE-306
Missing Authentication for Critical Function 		CVE-2020-15243 2024-11-21 14:05 2020-10-9 Show GitHub Exploit DB Packet Storm
210452 6.1 MEDIUM
Network 		typo3 fluid_engine
typo3 		TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional oper… CWE-79
Cross-site Scripting 		CVE-2020-15241 2024-11-21 14:05 2020-10-9 Show GitHub Exploit DB Packet Storm
210453 6.1 MEDIUM
Network 		vercel next.js Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect. Specially encoded paths could be used with the trailing slash redirect to allow an open redirect to occur to an external site. … - CVE-2020-15242 2024-11-21 14:05 2020-10-9 Show GitHub Exploit DB Packet Storm
210454 5.9 MEDIUM
Network 		mozilla thunderbird If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunde… NVD-CWE-noinfo
CVE-2020-15646 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm
210455 6.5 MEDIUM
Network 		smarter smarter_coffee_maker_1st_generation Smarter Coffee Maker before 2nd generation allows firmware replacement without authentication or authorization. User interaction is required to press a button. NOTE: This vulnerability only affects p… NVD-CWE-noinfo
CVE-2020-15501 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm
210456 5.3 MEDIUM
Network 		glpi-project glpi In GLPI before version 9.5.2, there is a leakage of user information through the public FAQ. The issue was introduced in version 9.5.0 and patched in 9.5.2. As a workaround, disable public access to … - CVE-2020-15217 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm
210457 8.6 HIGH
Network 		glpi-project glpi In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulne… - CVE-2020-15176 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm
210458 4.3 MEDIUM
Network 		glpi-project glpi In GLPI before version 9.5.2, there is a SQL Injection in the API's search function. Not only is it possible to break the SQL syntax, but it is also possible to utilise a UNION SELECT query to reflec… - CVE-2020-15226 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm
210459 6.1 MEDIUM
Network 		glpi-project glpi In GLPI before version 9.5.2, the `install/install.php` endpoint insecurely stores user input into the database as `url_base` and `url_base_api`. These settings are referenced throughout the applicat… - CVE-2020-15177 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm
210460 9.1 CRITICAL
Network 		glpi-project glpi In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for… - CVE-2020-15175 2024-11-21 14:05 2020-10-8 Show GitHub Exploit DB Packet Storm