Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 12:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249701	4.3	警告	Fork CMS	-	Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1209	2012-02-27 15:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

249702	4.3	警告	Fork CMS	-	Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1208	2012-02-27 15:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

249703	5	警告	Fork CMS	-	Fork CMS の frontend/core/engine/javascript.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1207	2012-02-27 15:41	2012-02-24	Show	GitHub Exploit DB Packet Storm

249704	9.3	危険	Hancom Inc.	-	Hancom Office 2010 SE における整数オーバフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-1206	2012-02-27 15:38	2012-02-24	Show	GitHub Exploit DB Packet Storm

249705	7.5	危険	alanft	-	WordPress 用 Relocate Upload プラグインにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2012-1205	2012-02-27 15:35	2012-02-24	Show	GitHub Exploit DB Packet Storm

249706	4.3	警告	LEPTON Project	-	LEPTON におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1000	2012-02-27 15:25	2012-02-24	Show	GitHub Exploit DB Packet Storm

249707	7.5	危険	LEPTON Project	-	LEPTON の modules/news/rss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0999	2012-02-27 15:24	2012-02-24	Show	GitHub Exploit DB Packet Storm

249708	7.5	危険	LEPTON Project	-	LEPTON の account/preferences.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0998	2012-02-27 15:24	2012-02-24	Show	GitHub Exploit DB Packet Storm

249709	6.8	警告	11in1	-	11in1 の admin/index.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0997	2012-02-27 15:23	2012-02-24	Show	GitHub Exploit DB Packet Storm

249710	5	警告	11in1	-	11in1 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0996	2012-02-27 15:21	2012-02-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197921	8.8	HIGH Network	f5	big-ip_access_policy_manager big-ip_access_policy_manager_client	In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.	CWE-416 Use After Free	CVE-2020-5897	2024-11-21 14:34	2020-05-13	Show	GitHub Exploit DB Packet Storm

197922	7.8	HIGH Local	f5	big-ip_access_policy_manager big-ip_access_policy_manager_client	On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.	CWE-276 Incorrect Default Permissions	CVE-2020-5896	2024-11-21 14:34	2020-05-13	Show	GitHub Exploit DB Packet Storm

197923	7.8	HIGH Local	symantec	endpoint_protection	Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.	CWE-59 Link Following	CVE-2020-5837	2024-11-21 14:34	2020-05-12	Show	GitHub Exploit DB Packet Storm

197924	7.8	HIGH Local	symantec	endpoint_protection	Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.	NVD-CWE-noinfo	CVE-2020-5836	2024-11-21 14:34	2020-05-12	Show	GitHub Exploit DB Packet Storm

197925	7.0	HIGH Local	symantec	endpoint_protection_manager	Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.	CWE-362 Race Condition	CVE-2020-5835	2024-11-21 14:34	2020-05-12	Show	GitHub Exploit DB Packet Storm

197926	5.3	MEDIUM Network	symantec	endpoint_protection_manager	Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.	CWE-22 Path Traversal	CVE-2020-5834	2024-11-21 14:34	2020-05-12	Show	GitHub Exploit DB Packet Storm

197927	3.3	LOW Local	symantec	endpoint_protection_manager	Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of t…	CWE-125 Out-of-bounds Read	CVE-2020-5833	2024-11-21 14:34	2020-05-12	Show	GitHub Exploit DB Packet Storm

197928	7.8	HIGH Local	jalinfotec	pallet_control	Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows authenticated attackers to execute arbitrary code with the SYSTEM privilege on the computer where PALLET CONTROL is installed via…	NVD-CWE-noinfo	CVE-2020-5538	2024-11-21 14:34	2020-05-11	Show	GitHub Exploit DB Packet Storm

197929	7.2	HIGH Network	plex	media_server	Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.	CWE-502 Deserialization of Untrusted Data	CVE-2020-5741	2024-11-21 14:34	2020-05-8	Show	GitHub Exploit DB Packet Storm

197930	5.4	MEDIUM Network	tecnick	tcexam	Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.	CWE-79 Cross-site Scripting	CVE-2020-5751	2024-11-21 14:34	2020-05-8	Show	GitHub Exploit DB Packet Storm