Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249811	7.5	危険	Joomla!	-	Joomla! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4696	2012-03-27 18:42	2010-11-4	Show	GitHub Exploit DB Packet Storm

249812	4.3	警告	XWiki	-	XWiki Enterprise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4642	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249813	7.5	危険	XWiki	-	XWiki Enterprise における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4641	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249814	4.3	警告	XWiki	-	XWiki Watch におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4640	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249815	7.5	危険	intendance	-	MySource Matrix の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4639	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249816	6.8	警告	iptechinside	-	JQuarks4s コンポーネントの submitSurvey 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4638	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249817	4.3	警告	finalcut	-	WordPress の FeedList プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4637	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249818	7.5	危険	site2nite	-	Site2Nite Business e-Listings の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4636	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249819	7.5	危険	site2nite	-	Site2Nite VRBO Listings の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4635	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

249820	7.5	危険	sumeffect	-	digiSHOP の cart.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4633	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213611	7.2	HIGH Network	concretecms	concrete_cms	Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-11476	2024-11-21 13:57	2020-07-29	Show	GitHub Exploit DB Packet Storm

213612	7.8	HIGH Local	ncp-e	secure_enterprise_client	NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.	CWE-59 Link Following	CVE-2020-11474	2024-11-21 13:57	2020-07-29	Show	GitHub Exploit DB Packet Storm

213613	7.5	HIGH Network	windriver	vxworks	httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.	NVD-CWE-noinfo	CVE-2020-11440	2024-11-21 13:57	2020-07-23	Show	GitHub Exploit DB Packet Storm

213614	8.8	HIGH Network	librehealth	librehealth_ehr	LibreHealth EMR v2.0.0 is affected by a Local File Inclusion issue allowing arbitrary PHP to be included and executed within the EMR application.	CWE-22 Path Traversal	CVE-2020-11439	2024-11-21 13:57	2020-07-16	Show	GitHub Exploit DB Packet Storm

213615	8.8	HIGH Network	librehealth	librehealth_ehr	LibreHealth EMR v2.0.0 is affected by systemic CSRF.	CWE-352 Origin Validation Error	CVE-2020-11438	2024-11-21 13:57	2020-07-16	Show	GitHub Exploit DB Packet Storm

213616	4.3	MEDIUM Network	librehealth	librehealth_ehr	LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privilege authenticated users to enumerate the database.	CWE-89 SQL Injection	CVE-2020-11437	2024-11-21 13:57	2020-07-16	Show	GitHub Exploit DB Packet Storm

213617	9.0	CRITICAL Network	librehealth	librehealth_ehr	LibreHealth EMR v2.0.0 is vulnerable to XSS that results in the ability to force arbitrary actions on behalf of other users including administrators.	CWE-79 Cross-site Scripting	CVE-2020-11436	2024-11-21 13:57	2020-07-16	Show	GitHub Exploit DB Packet Storm

213618	9.1	CRITICAL Network	inetsoftware	pdfc helpdesk clear_reports	The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on th…	CWE-22 Path Traversal	CVE-2020-11431	2024-11-21 13:57	2020-05-8	Show	GitHub Exploit DB Packet Storm

213619	7.5	HIGH Network	openvpn	openvpn_access_server	An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3. With the full featured RPC2 interface enabled, it is possible to achieve a temporary DoS state of the management …	CWE-776 XML Entity Expansion	CVE-2020-11462	2024-11-21 13:57	2020-05-4	Show	GitHub Exploit DB Packet Storm

213620	8.1	HIGH Network	zoom	it_installer	The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able t…	CWE-59 CWE-732 Link Following Incorrect Permission Assignment for Critical Resource	CVE-2020-11443	2024-11-21 13:57	2020-05-4	Show	GitHub Exploit DB Packet Storm