Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249831 10 危険 WordPress.org - WordPress の wp-includes/js/swfobject.js における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2012-2400 2012-04-24 15:27 2012-04-21 Show GitHub Exploit DB Packet Storm
249832 6.8 警告 ジャストシステム - 複数のジャストシステム製品における DLL 読み込みに関する脆弱性 CWE-Other
その他 		CVE-2012-1242 2012-04-24 12:00 2012-04-24 Show GitHub Exploit DB Packet Storm
249833 5 警告 CA Technologies - Windows 上で稼働する CA ARCserve Backup におけるサービス運用妨害 (サービスシャットダウン) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-1662 2012-04-23 15:35 2012-03-20 Show GitHub Exploit DB Packet Storm
249834 6.5 警告 Ryan Walberg - PHP Gift Registry の users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2236 2012-04-23 14:41 2012-04-20 Show GitHub Exploit DB Packet Storm
249835 4.9 警告 Comodo - Windows 7 64-bit プラットフォーム上で稼働する Comodo Internet Security におけるサービス運用妨害 (DoS) の脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2273 2012-04-23 14:40 2012-04-20 Show GitHub Exploit DB Packet Storm
249836 5 警告 DELL EMC (旧 EMC Corporation) - EMC Data Protection Advisor の DPA_Utilities ライブラリにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0407 2012-04-23 14:37 2012-04-20 Show GitHub Exploit DB Packet Storm
249837 7.8 危険 DELL EMC (旧 EMC Corporation) - EMC Data Protection Advisor におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0406 2012-04-23 14:34 2012-04-20 Show GitHub Exploit DB Packet Storm
249838 4.3 警告 VideoLAN - VideoLAN VLC media player におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2012-2396 2012-04-23 14:25 2012-04-19 Show GitHub Exploit DB Packet Storm
249839 4.9 警告 ヒューレット・パッカード - 複数のプラットフォーム上で稼働する HP OpenVMS におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2012-0134 2012-04-23 14:24 2012-04-16 Show GitHub Exploit DB Packet Storm
249840 10 危険 ICONICS, Inc. - ICONICS GENESIS32 および BizViz におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5089 2012-04-20 15:57 2011-07-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209401 8.4 HIGH
Local 		bigbluebutton bigbluebutton The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-27613 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209402 4.3 MEDIUM
Network 		bigbluebutton bigbluebutton Greenlight in BigBlueButton through 2.2.28 places usernames in room URLs, which may represent an unintended information leak to users in a room, or an information leak to outsiders if any user publis… CWE-200
Information Exposure 		CVE-2020-27612 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209403 7.3 HIGH
Network 		bigbluebutton bigbluebutton BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-27611 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209404 7.5 HIGH
Network 		bigbluebutton bigbluebutton The installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network services to external interfaces, and does not automatically set up a firewall configuration to block ext… NVD-CWE-noinfo
CVE-2020-27610 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209405 5.3 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording in the user interface. This may result in data storage beyond what is authorized for a specific meetin… CWE-863
 Incorrect Authorization 		CVE-2020-27609 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209406 6.1 MEDIUM
Network 		bigbluebutton bigbluebutton In BigBlueButton before 2.2.28 (or earlier), uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document. CWE-79
Cross-site Scripting 		CVE-2020-27608 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209407 6.5 MEDIUM
Network 		bigbluebutton bigbluebutton In BigBlueButton before 2.2.28 (or earlier), the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to … NVD-CWE-noinfo
CVE-2020-27607 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209408 5.3 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its… NVD-CWE-Other
CVE-2020-27606 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209409 9.8 CRITICAL
Network 		bigbluebutton bigbluebutton BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a "schwache Sandbox." NVD-CWE-Other
CVE-2020-27605 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm
209410 6.5 MEDIUM
Network 		bigbluebutton bigbluebutton BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for remote authenticated users to read the API shared secret in the bigbluebutton.properties file. With t… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2020-27604 2024-11-21 14:21 2020-10-22 Show GitHub Exploit DB Packet Storm