Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249781	9.3	危険	IBM	-	IBM Rational AppScan におけるサーバになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2012-0732	2012-05-8 09:49	2012-05-3	Show	GitHub Exploit DB Packet Storm

249782	6.8	警告	IBM	-	IBM Rational AppScan における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2012-0731	2012-05-8 09:49	2012-05-3	Show	GitHub Exploit DB Packet Storm

249783	6	警告	IBM	-	IBM Rational AppScan におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0730	2012-05-8 09:47	2012-05-3	Show	GitHub Exploit DB Packet Storm

249784	6	警告	IBM	-	IBM Rational AppScan における任意の ASP.NET コードを実行される脆弱性	CWE-Other その他	CVE-2012-0729	2012-05-8 09:46	2012-05-3	Show	GitHub Exploit DB Packet Storm

249785	4.9	警告	ヒューレット・パッカード	-	HP Insight Management Agents におけるデータを変更される脆弱性	CWE-noinfo 情報不足	CVE-2012-2006	2012-05-7 16:38	2012-05-1	Show	GitHub Exploit DB Packet Storm

249786	4.3	警告	ヒューレット・パッカード	-	HP Insight Management Agents におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2005	2012-05-7 16:38	2012-05-1	Show	GitHub Exploit DB Packet Storm

249787	8.3	危険	ヒューレット・パッカード	-	HP Insight Management Agents におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-2004	2012-05-7 16:25	2012-05-1	Show	GitHub Exploit DB Packet Storm

249788	6.8	警告	ヒューレット・パッカード	-	HP Insight Management Agents におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-2003	2012-05-7 16:25	2012-05-1	Show	GitHub Exploit DB Packet Storm

249789	8.3	危険	ヒューレット・パッカード	-	HP SNMP Agents for Linux におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-2002	2012-05-7 16:24	2012-05-1	Show	GitHub Exploit DB Packet Storm

249790	4.3	警告	ヒューレット・パッカード	-	HP SNMP Agents for Linux におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2001	2012-05-7 16:23	2012-05-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209391	5.4	MEDIUM Network	dedecms	dedecms	A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web p…	CWE-79 Cross-site Scripting	CVE-2020-27533	2024-11-21 14:21	2020-10-23	Show	GitHub Exploit DB Packet Storm

209392	6.5	MEDIUM Network	biscom	secure_file_transfer	Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft.	NVD-CWE-noinfo	CVE-2020-27646	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209393	3.3	LOW Local	imagemagick debian opensuse	imagemagick debian_linux leap	ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.	CWE-369 Divide By Zero	CVE-2020-27560	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209394	6.1	MEDIUM Network	bigbluebutton	greenlight	A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6.	CWE-79 Cross-site Scripting	CVE-2020-27642	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209395	7.5	HIGH Network	fastd_project debian fedoraproject	fastd debian_linux fedora	receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.	CWE-617 Reachable Assertion	CVE-2020-27638	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209396	4.3	MEDIUM Network	mediawiki	mediawiki	The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address …	NVD-CWE-Other	CVE-2020-27621	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209397	6.1	MEDIUM Network	mediawiki	skin\	The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS because MediaWiki messages were not being properly escaped. This is related to wfMessage and Html::rawElement, as demonstrated by CosmosSoc…	CWE-79 Cross-site Scripting	CVE-2020-27620	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209398	9.8	CRITICAL Network	python fedoraproject oracle	python fedora communications_cloud_native_core_network_function_cloud_native_environment	In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.	NVD-CWE-noinfo	CVE-2020-27619	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209399	9.8	CRITICAL Network	loginizer	loginizer	The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip.	CWE-89 SQL Injection	CVE-2020-27615	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm

209400	6.1	MEDIUM Network	cminds	cm_download_manager	The cm-download-manager plugin before 2.8.0 for WordPress allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-27344	2024-11-21 14:21	2020-10-22	Show	GitHub Exploit DB Packet Storm