Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249961 4.3 警告 Apache Software Foundation - libcloud における証明書偽造の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4340 2012-03-27 18:42 2011-09-12 Show GitHub Exploit DB Packet Storm
249962 4.3 警告 hypermail-project - Hypermail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4339 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
249963 6.2 警告 jwilk - ocrodjvu における任意のファイルを変更される脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4338 2012-03-27 18:42 2011-01-20 Show GitHub Exploit DB Packet Storm
249964 3.3 注意 GNU Project - gnash の configure スクリプトにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4337 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
249965 7.5 危険 Cake Software Foundation - CakePHP の _validatePost 関数における内部 Cake キャッシュを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4335 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
249966 4 警告 io-socket-ssl - IO::Socket::SSL モジュールにおける証明書の制限を回避される脆弱性 CWE-310
暗号の問題 		CVE-2010-4334 2012-03-27 18:42 2011-01-13 Show GitHub Exploit DB Packet Storm
249967 7.5 危険 Laurent Destailleur - AWStats における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4367 2012-03-27 18:42 2010-12-2 Show GitHub Exploit DB Packet Storm
249968 4.3 警告 abk-soft - Chameleon Social Networking の forum_new_topic.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4366 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
249969 7.5 危険 Joomla!
Jextensions		 - Joomla! のJE Ajax Event Calendar コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4365 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
249970 4.3 警告 dadabik - DaDaBIK における保護メカニズムを回避される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4364 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210461 7.5 HIGH
Network 		trendmicro antivirus\+_2020
internet_security_2020
maximum_security_2020
premium_security_2020 		An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a syste… CWE-125
Out-of-bounds Read 		CVE-2020-15603 2024-11-21 14:05 2020-07-16 Show GitHub Exploit DB Packet Storm
210462 5.6 MEDIUM
Network 		ajv.js ajv An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype polluti… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-15366 2024-11-21 14:05 2020-07-16 Show GitHub Exploit DB Packet Storm
210463 7.8 HIGH
Local 		trendmicro antivirus\+_2020
internet_security_2020
maximum_security_2020
premium_security_2020 		An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code o… CWE-426
 Untrusted Search Path 		CVE-2020-15602 2024-11-21 14:05 2020-07-16 Show GitHub Exploit DB Packet Storm
210464 7.5 HIGH
Network 		torproject tor Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-… CWE-125
Out-of-bounds Read 		CVE-2020-15572 2024-11-21 14:05 2020-07-16 Show GitHub Exploit DB Packet Storm
210465 9.8 CRITICAL
Network 		sophos xg_firewall_firmware A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the r… CWE-89
SQL Injection 		CVE-2020-15504 2024-11-21 14:05 2020-07-11 Show GitHub Exploit DB Packet Storm
210466 6.1 MEDIUM
Network 		king-theme kingcomposer A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin through 2.9.4 for WordPress allows remote attackers to trick a victim into submitting an install_online_preset AJAX req… CWE-79
Cross-site Scripting 		CVE-2020-15299 2024-11-21 14:05 2020-07-10 Show GitHub Exploit DB Packet Storm
210467 5.9 MEDIUM
Network 		red-gate sql_monitor In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifica… CWE-295
Improper Certificate Validation  		CVE-2020-15526 2024-11-21 14:05 2020-07-10 Show GitHub Exploit DB Packet Storm
210468 6.5 MEDIUM
Network 		cmsuno_project cmsuno An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password. CWE-352
 Origin Validation Error 		CVE-2020-15600 2024-11-21 14:05 2020-07-8 Show GitHub Exploit DB Packet Storm
210469 6.1 MEDIUM
Network 		victor_cms_project victor_cms Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field. CWE-79
Cross-site Scripting 		CVE-2020-15599 2024-11-21 14:05 2020-07-8 Show GitHub Exploit DB Packet Storm
210470 9.8 CRITICAL
Network 		riot-os riot RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against … CWE-119
CWE-131
Incorrect Access of Indexable Resource ('Range Error') 
Incorrect Calculation of Buffer Size 		CVE-2020-15350 2024-11-21 14:05 2020-07-8 Show GitHub Exploit DB Packet Storm