Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250401	6.8	警告	アップル	-	Apple Mac OS X の QuickTime におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3222	2011-10-26 09:42	2011-10-14	Show	GitHub Exploit DB Packet Storm

250402	6.8	警告	アップル	-	Apple Mac OS X の QuickTime における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3221	2011-10-26 09:41	2011-10-14	Show	GitHub Exploit DB Packet Storm

250403	6.8	警告	Django Software Foundation	-	Django の CSRF 保護メカニズムにおける認証されずに偽造されたリクエストを誘発される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4140	2011-10-25 16:54	2011-09-9	Show	GitHub Exploit DB Packet Storm

250404	5	警告	Django Software Foundation	-	Django におけるキャッシュポイズニング攻撃を誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4139	2011-10-25 16:54	2011-09-9	Show	GitHub Exploit DB Packet Storm

250405	5	警告	Django Software Foundation	-	Django の URLField 実装内にある verify_exists 機能における任意の GET リクエストを誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4138	2011-10-25 16:53	2011-09-9	Show	GitHub Exploit DB Packet Storm

250406	5	警告	Django Software Foundation	-	Django の URLField 実装内にある verify_exists 機能におけるサービス運用妨害 (リソース消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4137	2011-10-25 16:53	2011-09-9	Show	GitHub Exploit DB Packet Storm

250407	5.8	警告	Django Software Foundation	-	Django の django.contrib.sessions におけるセッションを変更される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4136	2011-10-25 16:52	2011-09-9	Show	GitHub Exploit DB Packet Storm

250408	4.3	警告	シスコシステムズ	-	Cisco TelePresence Video Communication Servers の管理インターフェイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3294	2011-10-25 16:50	2011-10-12	Show	GitHub Exploit DB Packet Storm

250409	10	危険	ヒューレット・パッカード	-	HP Data Protector における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-3162	2011-10-25 16:50	2011-10-18	Show	GitHub Exploit DB Packet Storm

250410	10	危険	ヒューレット・パッカード	-	HP Data Protector における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-3161	2011-10-25 16:49	2011-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197461	5.3	MEDIUM Network	sonicwall	sonicos	SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n …	CWE-20 Improper Input Validation	CVE-2020-5130	2024-11-21 14:33	2020-07-18	Show	GitHub Exploit DB Packet Storm

197462	6.5	MEDIUM Network	traccar	traccar	Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can…	CWE-74 Injection	CVE-2020-5246	2024-11-21 14:33	2020-07-15	Show	GitHub Exploit DB Packet Storm

197463	6.5	MEDIUM Network	dell	powerprotect_data_manager powerprotect_x400_firmware	Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user ma…	CWE-552 Files or Directories Accessible to External Parties	CVE-2020-5356	2024-11-21 14:33	2020-07-7	Show	GitHub Exploit DB Packet Storm

197464	8.8	HIGH Network	dell	emc_data_protection_advisor	Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on…	CWE-78 OS Command	CVE-2020-5352	2024-11-21 14:33	2020-07-7	Show	GitHub Exploit DB Packet Storm

197465	6.5	MEDIUM Network	github_flavored_markdown_project fedoraproject	github_flavored_markdown fedora	The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long…	-	CVE-2020-5238	2024-11-21 14:33	2020-07-2	Show	GitHub Exploit DB Packet Storm

197466	5.4	MEDIUM Network	dell	powermax_os emc_unisphere_for_powermax_virtual_appliance emc_unisphere_for_powermax	Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass …	CWE-862 Missing Authorization	CVE-2020-5345	2024-11-21 14:33	2020-06-24	Show	GitHub Exploit DB Packet Storm

197467	7.8	HIGH Local	dell	endpoint_security_suite_enterprise encryption	Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with lo…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-5358	2024-11-21 14:33	2020-06-16	Show	GitHub Exploit DB Packet Storm

197468	4.4	MEDIUM Local	dell	chengming_3967_firmware chengming_3977_firmware chengming_3980_firmware chengming_3988_firmware chengming_3990_firmware chengming_3991_firmware g3_15_3500_firmware g3_15_3590_fir…	Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS adm…	CWE-862 Missing Authorization	CVE-2020-5362	2024-11-21 14:33	2020-06-11	Show	GitHub Exploit DB Packet Storm

197469	7.5	HIGH Network	whitesourcesoftware	whitesource	The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the …	CWE-116 Improper Encoding or Escaping of Output	CVE-2020-5304	2024-11-21 14:33	2020-06-9	Show	GitHub Exploit DB Packet Storm

197470	4.8	MEDIUM Network	octobercms	october	In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the `ImportExportController` behavior can be soci…	CWE-79 Cross-site Scripting	CVE-2020-5298	2024-11-21 14:33	2020-06-4	Show	GitHub Exploit DB Packet Storm