Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250381	7.8	危険	MySQL AB	-	Windows 上で稼働する MySQL におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-5049	2012-01-6 15:39	2012-01-4	Show	GitHub Exploit DB Packet Storm

250382	5.1	警告	e107.org	-	e107 の usersettings.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4921	2012-01-6 15:28	2012-01-4	Show	GitHub Exploit DB Packet Storm

250383	4.3	警告	e107.org	-	e107 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4920	2012-01-6 15:28	2012-01-4	Show	GitHub Exploit DB Packet Storm

250384	4.3	警告	IBM	-	IBM TFIM および TFIMBG における意図された認証または認証要件を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1386	2012-01-6 15:26	2011-12-13	Show	GitHub Exploit DB Packet Storm

250385	4	警告	IBM	-	IBM AIX 上の invscout.rte における任意のファイルを削除される脆弱性	CWE-59 リンク解釈の問題	CVE-2011-1384	2012-01-6 15:24	2011-12-2	Show	GitHub Exploit DB Packet Storm

250386	4.3	警告	IBM	-	IBM Web Experience Factory におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5048	2012-01-6 15:23	2012-01-3	Show	GitHub Exploit DB Packet Storm

250387	4.3	警告	Electric Sheep Fencing	-	pfSense におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5047	2012-01-6 15:22	2012-01-3	Show	GitHub Exploit DB Packet Storm

250388	7.5	危険	Electric Sheep Fencing	-	pfSense における証明書を作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4197	2012-01-6 15:21	2011-12-20	Show	GitHub Exploit DB Packet Storm

250389	4.3	警告	Splunk	-	Splunk の Splunk Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4778	2012-01-5 16:29	2011-12-12	Show	GitHub Exploit DB Packet Storm

250390	9.3	危険	Splunk	-	Splunk における任意のファイルを読まれる脆弱性	CWE-287 不適切な認証	CVE-2011-4644	2012-01-5 16:28	2012-01-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196861	9.8	CRITICAL Network	prosody debian	mod_auth_ldap2 mod_auth_ldap debian_linux	The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only fu…	CWE-863 Incorrect Authorization	CVE-2020-8086	2024-11-21 14:38	2020-01-29	Show	GitHub Exploit DB Packet Storm

196862	5.4	MEDIUM Network	liferay	liferay_portal	In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify…	CWE-79 Cross-site Scripting	CVE-2020-7934	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196863	8.8	HIGH Network	super_file_explorer_project	super_file_explorer	An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the r…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-7998	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196864	6.1	MEDIUM Network	asus	rt-ac66u_firmware	ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.	CWE-79 Cross-site Scripting	CVE-2020-7997	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196865	6.1	MEDIUM Network	typo3	typo3	svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/…	CWE-79 Cross-site Scripting	CVE-2020-8091	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196866	4.8	MEDIUM Network	a1	wlan_box_adb_vv2220_firmware	The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).	CWE-79 Cross-site Scripting	CVE-2020-8090	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196867	9.8	CRITICAL Network	usebb	usebb	panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numeric…	NVD-CWE-noinfo	CVE-2020-8088	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196868	9.8	CRITICAL Network	smc	d3g0804w_firmware	SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must us…	CWE-20 Improper Input Validation	CVE-2020-8087	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196869	7.8	HIGH Local	valvesoftware	dota_2	rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a cra…	NVD-CWE-noinfo	CVE-2020-7952	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

196870	7.8	HIGH Local	valvesoftware	dota_2	meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted …	CWE-787 Out-of-bounds Write	CVE-2020-7951	2024-11-21 14:38	2020-01-28	Show	GitHub Exploit DB Packet Storm