Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 2:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249801	6.8	警告	OpenStack	-	OpenStack Dashboard (Horizon) における Web セッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2012-2144	2012-06-7 16:20	2012-06-5	Show	GitHub Exploit DB Packet Storm

249802	4.3	警告	ImageMagick	-	ImageMagick の profile.c 内の SyncImageProfiles 関数における整数オーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1186	2012-06-7 16:09	2012-06-5	Show	GitHub Exploit DB Packet Storm

249803	9.3	危険	ImageMagick	-	ImageMagick の magick/profile.c または magick/property.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-1185	2012-06-7 16:03	2012-06-5	Show	GitHub Exploit DB Packet Storm

249804	9.3	危険	ImageMagick	-	ImageMagick におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-119 バッファエラー	CVE-2012-0247	2012-06-7 15:38	2012-02-3	Show	GitHub Exploit DB Packet Storm

249805	7.1	危険	Matt Johnston	-	Dropbear SSH server における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2012-0920	2012-06-7 15:21	2012-06-5	Show	GitHub Exploit DB Packet Storm

249806	7.5	危険	SQLAlchemy	-	Keystone で使用される SQLAlchemy における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0805	2012-06-7 15:17	2012-06-5	Show	GitHub Exploit DB Packet Storm

249807	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の glBufferData 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-3105	2012-06-7 15:14	2012-06-5	Show	GitHub Exploit DB Packet Storm

249808	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の utf16_to_isolatin1 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1947	2012-06-7 15:11	2012-06-5	Show	GitHub Exploit DB Packet Storm

249809	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の nsINode::ReplaceOrInsertBefore 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2012-1946	2012-06-7 15:08	2012-06-5	Show	GitHub Exploit DB Packet Storm

249810	2.9	注意	Mozilla Foundation	-	複数の Mozilla 製品における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-1945	2012-06-7 15:04	2012-06-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209441	6.1	MEDIUM Network	apifest	oauth_2.0_server	ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to…	CWE-601 Open Redirect	CVE-2020-26877	2024-11-21 14:20	2022-06-29	Show	GitHub Exploit DB Packet Storm

209442	9.8	CRITICAL Network	tenda	ac9_firmware	A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to …	NVD-CWE-noinfo	CVE-2020-26728	2024-11-21 14:20	2022-02-12	Show	GitHub Exploit DB Packet Storm

209443	9.8	CRITICAL Network	aaptjs_project	aaptjs	An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter.	CWE-78 OS Command	CVE-2020-26707	2024-11-21 14:20	2021-11-1	Show	GitHub Exploit DB Packet Storm

209444	9.1	CRITICAL Network	easyxml_project	easyxml	The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) vulnerability which allows for an attacker to expose sensitive data or perform a denial of service (DOS) via…	CWE-611 XXE	CVE-2020-26705	2024-11-21 14:20	2021-11-1	Show	GitHub Exploit DB Packet Storm

209445	9.8	CRITICAL Network	ppgo_jobs_project	ppgo_jobs	Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execute arbitrary code via the 'AjaxRun()' function.	CWE-78 OS Command	CVE-2020-26772	2024-11-21 14:20	2021-09-9	Show	GitHub Exploit DB Packet Storm

209446	8.8	HIGH Network	objectplanet	opinio	admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileCon…	CWE-22 Path Traversal	CVE-2020-26806	2024-11-21 14:20	2021-08-1	Show	GitHub Exploit DB Packet Storm

209447	7.5	HIGH Network	objectplanet	opinio	ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.	CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')	CVE-2020-26565	2024-11-21 14:20	2021-08-1	Show	GitHub Exploit DB Packet Storm

209448	6.5	MEDIUM Network	objectplanet	opinio	ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file)…	CWE-611 XXE	CVE-2020-26564	2024-11-21 14:20	2021-08-1	Show	GitHub Exploit DB Packet Storm

209449	6.1	MEDIUM Network	objectplanet	opinio	ObjectPlanet Opinio before 7.14 allows reflected XSS via the survey/admin/surveyAdmin.do?action=viewSurveyAdmin query string. (There is also stored XSS if input to survey/admin/*.do is accepted from …	CWE-79 Cross-site Scripting	CVE-2020-26563	2024-11-21 14:20	2021-07-31	Show	GitHub Exploit DB Packet Storm

209450	7.5	HIGH Network	rocket.chat	rocket.chat	The Rocket.Chat desktop application 2.17.11 opens external links without user interaction.	NVD-CWE-noinfo	CVE-2020-26763	2024-11-21 14:20	2021-07-6	Show	GitHub Exploit DB Packet Storm