Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250651	2.6	注意	amix	-	Skeletonz CMS 1.0 のコメント機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4734	2012-03-27 18:42	2011-02-15	Show	GitHub Exploit DB Packet Storm

250652	4.3	警告	LightNEasy	-	LightNEasy の LightNEasy.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4753	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

250653	6.8	警告	LightNEasy	-	LightNEasy の LightNEasy.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4752	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

250654	6	警告	LightNEasy	-	LightNEasy の LightNEasy.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4751	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

250655	6.8	警告	blogcms	-	BLOG:CMS の admin/libs/ADMIN.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-4750	2012-03-27 18:42	2011-03-1	Show	GitHub Exploit DB Packet Storm

250656	6.8	警告	Zikula Foundation	-	Zikula におけるクロスサイトリクエストフォージェリ攻撃を誘発される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-4729	2012-03-27 18:42	2011-02-8	Show	GitHub Exploit DB Packet Storm

250657	5	警告	Zikula Foundation	-	Zikula における乱数化をベースにした保護機能を破られる脆弱性	CWE-310 暗号の問題	CVE-2010-4728	2012-03-27 18:42	2011-02-8	Show	GitHub Exploit DB Packet Storm

250658	10	危険	Smarty	-	Smarty における詳細不明の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4727	2012-03-27 18:42	2011-02-3	Show	GitHub Exploit DB Packet Storm

250659	10	危険	Smarty	-	Smarty の math プラグインにおける詳細不明の脆弱性	CWE-noinfo 情報不足	CVE-2010-4726	2012-03-27 18:42	2011-02-3	Show	GitHub Exploit DB Packet Storm

250660	10	危険	Smarty	-	Smarty における詳細不明の脆弱性	CWE-noinfo 情報不足	CVE-2010-4725	2012-03-27 18:42	2011-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
208891	4.3	MEDIUM Network	gitlab	gitlab	Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=1…	CWE-200 CWE-862 Information Exposure Missing Authorization	CVE-2020-26415	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208892	5.3	MEDIUM Network	gitlab	gitlab	An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.	CWE-200 Information Exposure	CVE-2020-26413	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208893	4.3	MEDIUM Network	gitlab	gitlab	Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.	NVD-CWE-noinfo	CVE-2020-26412	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208894	5.3	MEDIUM Network	gitlab	gitlab	A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in user's p…	CWE-862 Missing Authorization	CVE-2020-26408	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208895	6.5	MEDIUM Network	gitlab	gitlab	A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.	CWE-20 CWE-400 Improper Input Validation Uncontrolled Resource Consumption	CVE-2020-26409	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208896	3.3	LOW Local	google	tensorflow	In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a q…	CWE-20 Improper Input Validation	CVE-2020-26270	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208897	7.5	HIGH Network	google	tensorflow	In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the direc…	CWE-125 Out-of-bounds Read	CVE-2020-26269	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208898	7.8	HIGH Local	google	tensorflow	In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation o…	CWE-125 Out-of-bounds Read	CVE-2020-26267	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208899	5.3	MEDIUM Local	google	tensorflow	In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default …	CWE-908 Use of Uninitialized Resource	CVE-2020-26266	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

208900	9.8	CRITICAL Network	askey	ap5100w_firmware	Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to t…	CWE-521 Weak Password Requirements	CVE-2020-26201	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm