Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249941 4.3 警告 Sphinx Software - Sphinx Software Mobile Web Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1005 2012-02-9 16:52 2012-02-7 Show GitHub Exploit DB Packet Storm
249942 7.5 危険 Hudong - HDWiki の attachement.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2011-5077 2012-02-9 16:01 2012-02-8 Show GitHub Exploit DB Packet Storm
249943 7.5 危険 Hudong - HDWiki の model/comment.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5076 2012-02-9 16:00 2012-02-8 Show GitHub Exploit DB Packet Storm
249944 7.5 危険 Likno Software Inc. - WordPress 用 AllWebMenus プラグインの actions.php における任意の PHP コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1011 2012-02-9 15:59 2012-02-7 Show GitHub Exploit DB Packet Storm
249945 7.5 危険 Likno Software Inc. - WordPress 用 AllWebMenus プラグインの actions.php における任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-1010 2012-02-9 15:59 2012-02-7 Show GitHub Exploit DB Packet Storm
249946 8.5 危険 OpenEMR - OpenEMR の interface/fax/fax_dispatch.php における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0992 2012-02-9 15:57 2012-02-7 Show GitHub Exploit DB Packet Storm
249947 3.5 注意 OpenEMR - OpenEMR におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-0991 2012-02-9 15:57 2012-02-7 Show GitHub Exploit DB Packet Storm
249948 3.5 注意 DClassifieds - DClassifieds の admin/settings/update におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-0990 2012-02-9 15:56 2012-02-7 Show GitHub Exploit DB Packet Storm
249949 4.3 警告 Zenphoto - Zenphoto の zp-core/admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4907 2012-02-9 11:18 2011-10-8 Show GitHub Exploit DB Packet Storm
249950 7.5 危険 Zenphoto - Zenphoto の zp-core/full-image.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4906 2012-02-9 11:12 2011-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210921 5.5 MEDIUM
Local 		canonical
debian 		ubuntu_linux
debian_linux 		It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack. NVD-CWE-Other
CVE-2020-11935 2024-11-21 13:58 2023-04-7 Show GitHub Exploit DB Packet Storm
210922 8.1 HIGH
Network 		thimpress learnpress The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter. CWE-862
 Missing Authorization 		CVE-2020-11511 2024-11-21 13:58 2021-07-30 Show GitHub Exploit DB Packet Storm
210923 7.8 HIGH
Local 		zscaler client_connector The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in th… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-11634 2024-11-21 13:58 2021-07-16 Show GitHub Exploit DB Packet Storm
210924 7.8 HIGH
Local 		zscaler client_connector The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges. CWE-428
 Unquoted Search Path or Element 		CVE-2020-11632 2024-11-21 13:58 2021-07-16 Show GitHub Exploit DB Packet Storm
210925 9.8 CRITICAL
Network 		zscaler client_connector The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arb… CWE-787
 Out-of-bounds Write 		CVE-2020-11633 2024-11-21 13:58 2021-07-16 Show GitHub Exploit DB Packet Storm
210926 5.5 MEDIUM
Local 		wizconnected colors_a60_firmware An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in flash memory, which presents an information-disclosure risk for a discarded or resold device. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-11924 2024-11-21 13:58 2021-04-3 Show GitHub Exploit DB Packet Storm
210927 5.5 MEDIUM
Local 		wizconnected wiz An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-11923 2024-11-21 13:58 2021-04-3 Show GitHub Exploit DB Packet Storm
210928 8.8 HIGH
Adjacent 		luvion grand_elite_3_connect_firmware An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the device is based on a username and password. The root credentials are the same across all devices of t… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-11925 2024-11-21 13:58 2021-04-3 Show GitHub Exploit DB Packet Storm
210929 4.3 MEDIUM
Adjacent 		wizconnected a60_colors_firmware An issue was discovered in WiZ Colors A60 1.14.0. The device sends unnecessary information to the cloud controller server. Although this information is sent encrypted and has low risk in isolation, i… CWE-200
Information Exposure 		CVE-2020-11922 2024-11-21 13:58 2021-04-3 Show GitHub Exploit DB Packet Storm
210930 7.8 HIGH
Local 		zscaler client_connector The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they … NVD-CWE-noinfo
CVE-2020-11635 2024-11-21 13:58 2021-02-17 Show GitHub Exploit DB Packet Storm