Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249911 9.3 危険 シーメンス - Siemens Tecnomatix FactoryLink におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4055 2012-01-11 10:00 2012-01-8 Show GitHub Exploit DB Packet Storm
249912 4.3 警告 RHQ Project
レッドハット		 - RHQ の管理インタフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3206 2012-01-11 09:59 2011-08-31 Show GitHub Exploit DB Packet Storm
249913 6.9 警告 KDE project - kcheckpass における設定済みの PAM スタックを呼び出される脆弱性 CWE-287
不適切な認証 		CVE-2011-5054 2012-01-10 16:39 2012-01-6 Show GitHub Exploit DB Packet Storm
249914 2.6 注意 マイクロソフト
WordPress.org		 - WordPress の wp-comments-post.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0287 2012-01-10 16:33 2012-01-3 Show GitHub Exploit DB Packet Storm
249915 4.3 警告 Igor Vlasenko - Perl 用の HTML-Template-Pro モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4616 2012-01-10 16:30 2012-01-6 Show GitHub Exploit DB Packet Storm
249916 4.3 警告 GNU Project - GnuTLS の DTLS 実装における部分的に平文に復元される脆弱性 CWE-310
暗号の問題 		CVE-2012-0390 2012-01-10 16:29 2012-01-6 Show GitHub Exploit DB Packet Storm
249917 7.5 危険 Google - Google Chrome におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3922 2012-01-10 11:22 2012-01-5 Show GitHub Exploit DB Packet Storm
249918 7.5 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3921 2012-01-10 11:21 2012-01-5 Show GitHub Exploit DB Packet Storm
249919 7.8 危険 ISC, Inc.
Electric Sheep Fencing
レッドハット		 - ISC DHCP サーバにおけるサービス運用妨害 (dhcp デーモンの停止) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2748 2012-01-6 19:20 2011-07-27 Show GitHub Exploit DB Packet Storm
249920 9.3 危険 Mozilla Foundation
レッドハット		 - Mozilla Firefox および Thunderbird の JSSubScriptLoader における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3647 2012-01-6 19:13 2011-11-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197881 6.8 MEDIUM
Network 		gilacms gila_cms Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal. CWE-22
Path Traversal 		CVE-2020-5513 2024-11-21 14:34 2020-01-7 Show GitHub Exploit DB Packet Storm
197882 6.8 MEDIUM
Network 		gilacms gila_cms Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal. CWE-22
Path Traversal 		CVE-2020-5512 2024-11-21 14:34 2020-01-7 Show GitHub Exploit DB Packet Storm
197883 7.2 HIGH
Network 		gilacms gila_cms Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection. CWE-89
SQL Injection 		CVE-2020-5515 2024-11-21 14:34 2020-01-7 Show GitHub Exploit DB Packet Storm
197884 9.1 CRITICAL
Network 		gilacms gila_cms Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-5514 2024-11-21 14:34 2020-01-7 Show GitHub Exploit DB Packet Storm
197885 7.5 HIGH
Network 		hashbrowncms hashbrown_cms An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field. CWE-22
Path Traversal 		CVE-2020-5840 2024-11-21 14:34 2020-01-7 Show GitHub Exploit DB Packet Storm
197886 9.8 CRITICAL
Network 		litespeedtech openlitespeed The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen. CWE-20
 Improper Input Validation  		CVE-2020-5519 2024-11-21 14:34 2020-01-6 Show GitHub Exploit DB Packet Storm
197887 9.8 CRITICAL
Network 		apache rust_sgx_sdk Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same. NVD-CWE-noinfo
CVE-2020-5499 2024-11-21 14:34 2020-01-4 Show GitHub Exploit DB Packet Storm
197888 6.1 MEDIUM
Network 		mitreid connect The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be ex… CWE-79
Cross-site Scripting 		CVE-2020-5497 2024-11-21 14:34 2020-01-4 Show GitHub Exploit DB Packet Storm
197889 8.8 HIGH
Network 		fontforge
opensuse 		fontforge
leap 		FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c. CWE-787
 Out-of-bounds Write 		CVE-2020-5496 2024-11-21 14:34 2020-01-4 Show GitHub Exploit DB Packet Storm
197890 8.8 HIGH
Network 		fontforge
fedoraproject
opensuse 		fontforge
fedora
leap 		FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. CWE-416
 Use After Free 		CVE-2020-5395 2024-11-21 14:34 2020-01-4 Show GitHub Exploit DB Packet Storm