Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249791 7.5 危険 ヒューレット・パッカード - HP System Health Application and Command Line Utilities における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-2000 2012-05-7 16:22 2012-05-1 Show GitHub Exploit DB Packet Storm
249792 9.3 危険 WellinTech - WellinTech KingView における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-1819 2012-05-7 16:01 2011-03-22 Show GitHub Exploit DB Packet Storm
249793 7.5 危険 Apache Software Foundation - Apache Qpid におけるクラスタのメッセージ機能およびジョブ機能へアクセスされる脆弱性 CWE-287
不適切な認証 		CVE-2011-3620 2012-05-7 15:59 2012-05-3 Show GitHub Exploit DB Packet Storm
249794 6.9 警告 Quest Software Inc. - Quest Toad for Data Analysts における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0279 2012-05-7 15:57 2012-05-1 Show GitHub Exploit DB Packet Storm
249795 6.8 警告 IBM - IBM WebSphere Application Server の Web Server プラグインにおける重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2012-2162 2012-05-7 15:56 2012-03-23 Show GitHub Exploit DB Packet Storm
249796 6.4 警告 HTC Corporation - 複数の HTC の Android 上で動作する HTC IQRD サービスにおける SMS メッセージを送信される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2217 2012-05-7 15:54 2012-05-1 Show GitHub Exploit DB Packet Storm
249797 2.1 注意 Mumble - Mumble における平文パスワードおよび設定データを取得される脆弱性 CWE-310
暗号の問題 		CVE-2012-0863 2012-05-2 15:17 2012-04-30 Show GitHub Exploit DB Packet Storm
249798 6.5 警告 Digium - Asterisk Open Source および Asterisk Business Edition におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-2416 2012-05-2 15:14 2012-04-16 Show GitHub Exploit DB Packet Storm
249799 7.5 危険 Google - Google Chrome のプロセス間通信の実装におけるサンドボックスの制限を回避される脆弱性 CWE-362
競合状態 		CVE-2011-3080 2012-05-2 14:00 2012-04-30 Show GitHub Exploit DB Packet Storm
249800 10 危険 Google - Google Chrome のプロセス間通信の実装における詳細不明な脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3079 2012-05-2 13:57 2012-04-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209381 5.4 MEDIUM
Network 		yourls yourls Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload i… CWE-79
Cross-site Scripting 		CVE-2020-27388 2024-11-21 14:21 2020-10-24 Show GitHub Exploit DB Packet Storm
209382 4.7 MEDIUM
Local 		linux
fedoraproject
debian 		linux_kernel
fedora
debian_linux 		An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condit… CWE-362
CWE-476
CWE-416
Race Condition
 NULL Pointer Dereference
 Use After Free 		CVE-2020-27675 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209383 5.3 MEDIUM
Local 		xen
fedoraproject
debian 		xen
fedora
debian_linux 		An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during … CWE-787
 Out-of-bounds Write 		CVE-2020-27674 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209384 5.5 MEDIUM
Local 		linux
debian
opensuse
xen 		linux_kernel
debian_linux
leap
xen 		An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e995… NVD-CWE-noinfo
CVE-2020-27673 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209385 7.0 HIGH
Local 		xen
fedoraproject
opensuse
debian 		xen
fedora
leap
debian_linux 		An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition tha… CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2020-27672 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209386 7.8 HIGH
Local 		xen
opensuse
debian
fedoraproject 		xen
leap
debian_linux
fedora 		An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing… NVD-CWE-noinfo
CVE-2020-27671 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209387 7.8 HIGH
Local 		xen
opensuse
fedoraproject
debian 		xen
leap
fedora
debian_linux 		An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-tabl… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2020-27670 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209388 5.4 MEDIUM
Network 		strapi strapi Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview feature. CWE-79
Cross-site Scripting 		CVE-2020-27666 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209389 7.5 HIGH
Network 		strapi strapi In Strapi before 3.2.5, there is no admin::hasPermissions restriction for CTB (aka content-type-builder) routes. CWE-276
Incorrect Default Permissions  		CVE-2020-27665 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm
209390 9.8 CRITICAL
Network 		strapi strapi admin/src/containers/InputModalStepperProvider/index.js in Strapi before 3.2.5 has unwanted /proxy?url= functionality. NVD-CWE-noinfo
CVE-2020-27664 2024-11-21 14:21 2020-10-23 Show GitHub Exploit DB Packet Storm