Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249771 4.6 警告 Best Practical Solutions - Best Practical Solutions RT における任意のコードを実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-1685 2012-03-27 18:43 2011-04-14 Show GitHub Exploit DB Packet Storm
249772 6.8 警告 VideoLAN - VideoLAN VLC media player の MP4_ReadBox_skcr 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-1684 2012-03-27 18:43 2011-04-7 Show GitHub Exploit DB Packet Storm
249773 6.8 警告 IBM - IBM WAS におけるアプリケーションのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1683 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
249774 4.3 警告 Tincan - phpList におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-1682 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
249775 3.3 注意 VMware - VMware Open Virtual Machine Tools の vmware-hgfsmounter におけるファイルの破損を誘発される脆弱性 CWE-16
環境設定 		CVE-2011-1681 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
249776 4.4 警告 ncpfs - ncpfs の ncpmount における詳細不明な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1680 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
249777 5 警告 metaways - Metaways Tine における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-1666 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
249778 5 警告 phpboost - PHPBoost におけるバックアップの SQL ファイルを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1665 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
249779 6.8 警告 icanlocalize - Translation Management モジュール におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-1664 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
249780 7.5 危険 icanlocalize - Translation Management モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1663 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213931 5.5 MEDIUM
Local 		whoopsie_project
mongodb 		whoopsie
c_driver 		bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow … CWE-190
 Integer Overflow or Wraparound 		CVE-2020-12135 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213932 9.8 CRITICAL
Network 		nanometrics titansma
centaur 		Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2020-12134 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213933 6.1 MEDIUM
Network 		fifthplay s.a.m.i Fifthplay S.A.M.I before 2019.3_HP2 allows unauthenticated stored XSS via a POST request. CWE-79
Cross-site Scripting 		CVE-2020-12132 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213934 6.1 MEDIUM
Network 		app2pro airdisk_pro The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter (shown next to the UI logo). CWE-79
Cross-site Scripting 		CVE-2020-12131 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213935 5.3 MEDIUM
Network 		postfix postfix A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character… NVD-CWE-Other
CVE-2020-12063 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213936 6.1 MEDIUM
Network 		app2pro airdisk_pro The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function. CWE-79
Cross-site Scripting 		CVE-2020-12130 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213937 6.1 MEDIUM
Network 		app2pro airdisk_pro The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function. CWE-79
Cross-site Scripting 		CVE-2020-12129 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213938 7.5 HIGH
Network 		file_transfer_ifamily_project file_transfer_ifamily DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path. CWE-22
Path Traversal 		CVE-2020-12128 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213939 8.2 HIGH
Network 		binance tss-lib The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information fro… CWE-276
Incorrect Default Permissions  		CVE-2020-12118 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm
213940 6.1 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used. CWE-79
Cross-site Scripting 		CVE-2020-12113 2024-11-21 13:59 2020-04-24 Show GitHub Exploit DB Packet Storm