Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249871	5	警告	OTRS プロジェクト	-	OTRS の S/MIME の機能における電子メールメッセージを解読される脆弱性	CWE-310 暗号の問題	CVE-2009-5057	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

249872	2.1	注意	OTRS プロジェクト	-	OTRS におけるアクセス制限を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2009-5056	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

249873	3.5	注意	OTRS プロジェクト	-	OTRS におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-5055	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

249874	7.5	危険	Smarty	-	Smarty におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-5054	2012-03-27 18:42	2011-02-3	Show	GitHub Exploit DB Packet Storm

249875	7.5	危険	Smarty	-	Smarty における任意の PHP コードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-5053	2012-03-27 18:42	2011-02-3	Show	GitHub Exploit DB Packet Storm

249876	10	危険	Smarty	-	Smarty における詳細不明の脆弱性	CWE-noinfo 情報不足	CVE-2009-5052	2012-03-27 18:42	2011-02-3	Show	GitHub Exploit DB Packet Storm

249877	5	警告	Hastymail	-	Hastymail2 におけるクッキーを取り込まれる脆弱性	CWE-16 環境設定	CVE-2009-5051	2012-03-27 18:42	2011-01-18	Show	GitHub Exploit DB Packet Storm

249878	5	警告	ViewVC	-	ViewVC における cvsdb row_limit 設定を迂回される脆弱性	CWE-399 リソース管理の問題	CVE-2009-5024	2012-03-27 18:42	2011-05-23	Show	GitHub Exploit DB Packet Storm

249879	6.8	警告	catb	-	gif2png における任意のコマンドを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-5018	2012-03-27 18:42	2011-01-14	Show	GitHub Exploit DB Packet Storm

249880	4	警告	IBM	-	IBM Lotus Notes Traveler の traveler.exe におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2009-5036	2012-03-27 18:42	2010-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197051	8.8	HIGH Network	auieo	candidats	CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.	CWE-352 Origin Validation Error	CVE-2020-9341	2024-11-21 14:40	2020-02-23	Show	GitHub Exploit DB Packet Storm

197052	7.2	HIGH Network	fauzantrif_election_project	fauzantrif_election	fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.	CWE-89 SQL Injection	CVE-2020-9340	2024-11-21 14:40	2020-02-23	Show	GitHub Exploit DB Packet Storm

197053	5.3	MEDIUM Network	smartclient	smartclient	An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the _transa…	CWE-209 Information Exposure Through an Error Message	CVE-2020-9351	2024-11-21 14:40	2020-02-23	Show	GitHub Exploit DB Packet Storm

197054	5.4	MEDIUM Network	soplanning	soplanning	SOPlanning 1.45 allows XSS via the Name or Comment to status.php.	CWE-79 Cross-site Scripting	CVE-2020-9339	2024-11-21 14:40	2020-02-23	Show	GitHub Exploit DB Packet Storm

197055	5.4	MEDIUM Network	soplanning	soplanning	SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.	CWE-79 Cross-site Scripting	CVE-2020-9338	2024-11-21 14:40	2020-02-23	Show	GitHub Exploit DB Packet Storm

197056	5.4	MEDIUM Network	fauzantrif_election_project	fauzantrif_election	fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field.	CWE-79 Cross-site Scripting	CVE-2020-9336	2024-11-21 14:40	2020-02-23	Show	GitHub Exploit DB Packet Storm

197057	5.9	MEDIUM Network	gogs	gogs	Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.	CWE-362 Race Condition	CVE-2020-9329	2024-11-21 14:40	2020-02-22	Show	GitHub Exploit DB Packet Storm

197058	7.5	HIGH Network	sqlite netapp canonical siemens oracle	sqlite cloud_backup ubuntu_linux sinec_infrastructure_network_services outside_in_technology hyperion_infrastructure_technology enterprise_manager_ops_center communications_netwo…	In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.	CWE-476 NULL Pointer Dereference	CVE-2020-9327	2024-11-21 14:40	2020-02-22	Show	GitHub Exploit DB Packet Storm

197059	8.8	HIGH Network	xerox	workcentre_3655_firmware workcentre_3655i_firmware workcentre_5845_firmware workcentre_5855_firmware workcentre_5945_firmware workcentre_5955_firmware workcentre_6655_firmware wo…	Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gain…	CWE-306 Missing Authentication for Critical Function	CVE-2020-9330	2024-11-21 14:40	2020-02-22	Show	GitHub Exploit DB Packet Storm

197060	5.5	MEDIUM Local	avira	avira_free_security_suite avira_internet_security_suite avira_exchange_security avira_antivirus_for_small_business avira_prime avira_antivirus_for_endpoint antivirus_server anti-…	Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Se…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-9320	2024-11-21 14:40	2020-02-21	Show	GitHub Exploit DB Packet Storm