Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249851	9.3	危険	マイクロソフト	-	Microsoft PowerPoint 2007 および 2010 における権限昇格の脆弱性	CWE-Other その他	CVE-2011-3396	2011-12-16 11:36	2011-12-13	Show	GitHub Exploit DB Packet Storm

249852	9.3	危険	マイクロソフト	-	Microsoft Windows XP および Windows Server 2003 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3400	2011-12-16 11:35	2011-12-13	Show	GitHub Exploit DB Packet Storm

249853	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の ENCDEC.DLL における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3401	2011-12-16 11:34	2011-12-13	Show	GitHub Exploit DB Packet Storm

249854	9.3	危険	マイクロソフト	-	Microsoft Publisher における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3412	2011-12-16 11:32	2011-12-13	Show	GitHub Exploit DB Packet Storm

249855	9.3	危険	マイクロソフト	-	Microsoft Publisher における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3411	2011-12-16 11:31	2011-12-13	Show	GitHub Exploit DB Packet Storm

249856	9.3	危険	マイクロソフト	-	Microsoft Publisher における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3410	2011-12-16 11:25	2011-12-13	Show	GitHub Exploit DB Packet Storm

249857	9.3	危険	マイクロソフト	-	Microsoft Publisher 2003 および 2007 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-1508	2011-12-16 11:19	2011-12-13	Show	GitHub Exploit DB Packet Storm

249858	9.3	危険	マイクロソフト	-	Microsoft Windows XP および Windows Server 2003 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3397	2011-12-16 11:16	2011-12-13	Show	GitHub Exploit DB Packet Storm

249859	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2011-1983	2011-12-16 11:15	2011-12-13	Show	GitHub Exploit DB Packet Storm

249860	7.2	危険	マイクロソフト	-	複数の Microsoft 製品の簡体字中国語版 Microsoft Office IME における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2010	2011-12-16 11:09	2011-12-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199011	7.5	HIGH Network	fasterxml oracle debian netapp	jackson-databind weblogic_server commerce_platform utilities_framework peoplesoft_enterprise_peopletools primavera_unifier sd-wan_edge coherence global_lifecycle_management_ne…	jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.	CWE-787 Out-of-bounds Write	CVE-2020-36518	2024-11-21 14:29	2022-03-11	Show	GitHub Exploit DB Packet Storm

199012	7.5	HIGH Network	home-assistant	home-assistant	An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS r…	CWE-203 Information Exposure Through Discrepancy	CVE-2020-36517	2024-11-21 14:29	2022-03-11	Show	GitHub Exploit DB Packet Storm

199013	6.1	MEDIUM Network	codetipi	15zine	The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting	-	CVE-2020-36510	2024-11-21 14:29	2022-02-28	Show	GitHub Exploit DB Packet Storm

199014	5.9	MEDIUM Network	linux netapp	linux_kernel solidfire_\&_hci_management_node cloud_volumes_ontap_mediator solidfire\ _enterprise_sds_\&_hci_storage_node e-series_santricity_os_controller h300s_firmware	An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-36516	2024-11-21 14:29	2022-02-26	Show	GitHub Exploit DB Packet Storm

199015	9.8	CRITICAL Network	acc_reader_project	acc_reader	An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations.	CWE-908 Use of Uninitialized Resource	CVE-2020-36514	2024-11-21 14:29	2021-12-27	Show	GitHub Exploit DB Packet Storm

199016	9.8	CRITICAL Network	acc_reader_project	acc_reader	An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations.	CWE-908 Use of Uninitialized Resource	CVE-2020-36513	2024-11-21 14:29	2021-12-27	Show	GitHub Exploit DB Packet Storm

199017	9.8	CRITICAL Network	buffoon_project	buffoon	An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations.	CWE-908 Use of Uninitialized Resource	CVE-2020-36512	2024-11-21 14:29	2021-12-27	Show	GitHub Exploit DB Packet Storm

199018	7.5	HIGH Network	bite_project	bite	An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::read_framed_max may read from uninitialized memory locations.	CWE-908 Use of Uninitialized Resource	CVE-2020-36511	2024-11-21 14:29	2021-12-27	Show	GitHub Exploit DB Packet Storm

199019	6.5	MEDIUM Network	delete_all_comments_easily_project	delete_all_comments_easily	The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all …	-	CVE-2020-36505	2024-11-21 14:29	2021-11-1	Show	GitHub Exploit DB Packet Storm

199020	6.5	MEDIUM Network	wp-pro-quiz_project	wp-pro-quiz	The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check in place when deleting a quiz, which could allow an attacker to make a logged in admin delete arbitrary quiz on the blog	-	CVE-2020-36504	2024-11-21 14:29	2021-11-1	Show	GitHub Exploit DB Packet Storm