Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250221	7.5	危険	WordPress.org edgetechweb	-	Event Registration プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4839	2012-03-27 18:42	2011-09-13	Show	GitHub Exploit DB Packet Storm

250222	6	警告	extensiondepot Joomla!	-	Joomla! の JSupport (com_jsupport) コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4838	2012-03-27 18:42	2011-09-13	Show	GitHub Exploit DB Packet Storm

250223	4.3	警告	extensiondepot	-	Joomla! の JSupport (com_jsupport) コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4837	2012-03-27 18:42	2011-09-13	Show	GitHub Exploit DB Packet Storm

250224	4.3	警告	phpshop	-	PHPShop の register.html におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4836	2012-03-27 18:42	2011-09-13	Show	GitHub Exploit DB Packet Storm

250225	4	警告	OneOrZero	-	OneOrZero AIMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4835	2012-03-27 18:42	2011-09-13	Show	GitHub Exploit DB Packet Storm

250226	6.5	警告	OneOrZero	-	OneOrZero AIMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4834	2012-03-27 18:42	2011-09-13	Show	GitHub Exploit DB Packet Storm

250227	9.3	危険	GTK+	-	GTK+ の modules/engines/ms-windows/xp_theme.c における権限を取得される脆弱性	CWE-Other その他	CVE-2010-4833	2012-03-27 18:42	2011-09-6	Show	GitHub Exploit DB Packet Storm

250228	7.5	危険	t-dreams	-	T-Dreams Job Career Package の Resumes/TD_RESUME_Indlist.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4830	2012-03-27 18:42	2011-08-24	Show	GitHub Exploit DB Packet Storm

250229	7.5	危険	t-dreams	-	T-Dreams Cars Ads Package の processview.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4829	2012-03-27 18:42	2011-08-24	Show	GitHub Exploit DB Packet Storm

250230	4.3	警告	SolarWinds	-	SolarWinds Orion NPM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4828	2012-03-27 18:42	2011-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209841	4.3	MEDIUM Physics	gnome debian canonical opensuse	gnome-shell debian_linux ubuntu_linux leap	An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible…	CWE-522 Insufficiently Protected Credentials	CVE-2020-17489	2024-11-21 14:08	2020-08-12	Show	GitHub Exploit DB Packet Storm

209842	7.5	HIGH Network	radare fedoraproject	radare2 fedora	radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_…	NVD-CWE-noinfo	CVE-2020-17487	2024-11-21 14:08	2020-08-12	Show	GitHub Exploit DB Packet Storm

209843	9.8	CRITICAL Network	turcom	trcwifizone	Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses.	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2020-17466	2024-11-21 14:08	2020-08-12	Show	GitHub Exploit DB Packet Storm

209844	7.8	HIGH Local	telegram	telegram_desktop	Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an ex…	CWE-863 Incorrect Authorization	CVE-2020-17448	2024-11-21 14:08	2020-08-12	Show	GitHub Exploit DB Packet Storm

209845	6.1	MEDIUM Network	tiny	tinymce	TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.	CWE-79 Cross-site Scripting	CVE-2020-17480	2024-11-21 14:08	2020-08-11	Show	GitHub Exploit DB Packet Storm

209846	9.8	CRITICAL Network	json_pattern_validator_project	json_pattern_validator	jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.	CWE-20 Improper Input Validation	CVE-2020-17479	2024-11-21 14:08	2020-08-11	Show	GitHub Exploit DB Packet Storm

209847	7.5	HIGH Network	p5-crypt-perl_project	p5-crypt-perl	ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.	CWE-203 Information Exposure Through Discrepancy	CVE-2020-17478	2024-11-21 14:08	2020-08-11	Show	GitHub Exploit DB Packet Storm

209848	6.1	MEDIUM Network	mibew	messenger	Mibew Messenger before 3.2.7 allows XSS via a crafted user name.	CWE-79 Cross-site Scripting	CVE-2020-17476	2024-11-21 14:08	2020-08-11	Show	GitHub Exploit DB Packet Storm

209849	7.2	HIGH Network	flatcore	flatcore	flatCore before 1.5.7 allows upload and execution of a .php file by an admin.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-17452	2024-11-21 14:08	2020-08-10	Show	GitHub Exploit DB Packet Storm

209850	4.8	MEDIUM Network	flatcore	flatcore	flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub…	CWE-79 Cross-site Scripting	CVE-2020-17451	2024-11-21 14:08	2020-08-10	Show	GitHub Exploit DB Packet Storm