Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249941	5	警告	IBM	-	IBM OmniFind におけるサービス運用妨害 (DoS) 状態となる脆弱性	CWE-399 リソース管理の問題	CVE-2010-3899	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249942	5	警告	IBM	-	IBM OmniFind における認証を回避する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3898	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249943	5	警告	IBM	-	IBM OmniFind の ESSearchApplication/palette.do における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-3897	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249944	7.5	危険	IBM	-	IBM OmniFind の ESSearchApplication ディレクトリツリーにおけるサーバ設定を変更される脆弱性	CWE-287 不適切な認証	CVE-2010-3896	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249945	7.2	危険	IBM	-	IBM OmniFind の esRunCommand における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3895	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249946	9.3	危険	IBM	-	IBM OmniFind の Java_com_ibm_es_oss_CryptionNative_ESEncrypt 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3894	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249947	7.5	危険	IBM	-	IBM OmniFind の管理インタフェースにおける任意の管理者操作を実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3893	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249948	6.8	警告	IBM	-	IBM OmniFind のログインフォームにおけるセッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2010-3892	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249949	6.8	警告	IBM	-	IBM OmniFind の ESAdmin/security.do におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3891	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

249950	4.3	警告	IBM	-	IBM OmniFind におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3890	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213721	9.8	CRITICAL Network	dom4j_project oracle opensuse netapp canonical	dom4j insurance_policy_administration_j2ee insurance_rules_palette retail_integration_bus webcenter_portal utilities_framework flexcube_core_banking business_process_management_s…	dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing ho…	CWE-611 XXE	CVE-2020-10683	2024-11-21 13:55	2020-05-2	Show	GitHub Exploit DB Packet Storm

213722	5.2	MEDIUM Local	redhat	ansible_engine ansible_tower	An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is cr…	CWE-22 Path Traversal	CVE-2020-10691	2024-11-21 13:55	2020-05-1	Show	GitHub Exploit DB Packet Storm

213723	7.5	HIGH Network	json_project fedoraproject opensuse debian apple	json fedora leap debian_linux macos	The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, …	CWE-20 Improper Input Validation	CVE-2020-10663	2024-11-21 13:55	2020-04-29	Show	GitHub Exploit DB Packet Storm

213724	7.5	HIGH Network	inductiveautomation	ignition_gateway	An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk s…	CWE-306 Missing Authentication for Critical Function	CVE-2020-10641	2024-11-21 13:55	2020-04-29	Show	GitHub Exploit DB Packet Storm

213725	7.5	HIGH Network	windriver	vxworks	The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.	CWE-476 NULL Pointer Dereference	CVE-2020-10664	2024-11-21 13:55	2020-04-27	Show	GitHub Exploit DB Packet Storm

213726	8.2	HIGH Network	redhat	openshift_container_platform	A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those l…	-	CVE-2020-10712	2024-11-21 13:55	2020-04-23	Show	GitHub Exploit DB Packet Storm

213727	9.8	CRITICAL Network	sysaid	on-premise	SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to exe…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-10569	2024-11-21 13:55	2020-04-22	Show	GitHub Exploit DB Packet Storm

213728	9.8	CRITICAL Network	mitel	mivoice_connect_client mivoice_connect	A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an a…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-10377	2024-11-21 13:55	2020-04-17	Show	GitHub Exploit DB Packet Storm

213729	7.5	HIGH Network	trianglemicroworks	scada_data_gateway	Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the lengt…	CWE-787 Out-of-bounds Write	CVE-2020-10615	2024-11-21 13:55	2020-04-16	Show	GitHub Exploit DB Packet Storm

213730	7.5	HIGH Network	trianglemicroworks	scada_data_gateway	Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supp…	CWE-125 Out-of-bounds Read	CVE-2020-10613	2024-11-21 13:55	2020-04-16	Show	GitHub Exploit DB Packet Storm