Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250671 4.3 警告 Hotaru CMS - Hotaru CMS の Search プラグイン内にある Hotaru.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4709 2011-12-13 14:52 2011-12-8 Show GitHub Exploit DB Packet Storm
250672 4.3 警告 IBM - IBM Rational Asset Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4708 2011-12-13 14:51 2011-05-5 Show GitHub Exploit DB Packet Storm
250673 4.3 警告 SAP - SAP Netweaver の Virus Scan Interface におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4707 2011-12-13 14:50 2011-12-8 Show GitHub Exploit DB Packet Storm
250674 5 警告 Igor Sysoev - nginx におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4315 2011-12-13 14:49 2011-11-15 Show GitHub Exploit DB Packet Storm
250675 7.5 危険 Mambo Foundation - Mambo CMS の administrator/index2.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-2917 2011-12-13 14:41 2011-12-8 Show GitHub Exploit DB Packet Storm
250676 6.8 警告 MIT Kerberos - MIT Kerberos の process_tgs_req 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1530 2011-12-13 14:40 2011-12-6 Show GitHub Exploit DB Packet Storm
250677 6.4 警告 BlackBerry - BlackBerry Administration API におけるテキストファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2011-0287 2011-12-13 14:35 2011-07-12 Show GitHub Exploit DB Packet Storm
250678 6.4 警告 Widelands - Widelands におけるパストラバーサル攻撃を誘発される脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4675 2011-12-12 18:21 2011-12-5 Show GitHub Exploit DB Packet Storm
250679 5 警告 One Click Orgs - One Click Orgs のパスワードリセット機能におけるユーザアカウントを列挙される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4678 2011-12-12 18:19 2011-12-6 Show GitHub Exploit DB Packet Storm
250680 4 警告 One Click Orgs - One Click Orgs におけるサービス運用妨害 (ログイン障害) の脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4555 2011-12-12 18:18 2011-12-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210261 5.3 MEDIUM
Network 		fanuc series_30i_firmware
series_31i_firmware
series_32i-b_plus_firmware
series_35i-b_firmware
power_motion_i-model_a_firmware
series_0i-model_f_plus_firmware
series_0i-model_f_firmware 		A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-12739 2024-11-21 14:00 2020-08-4 Show GitHub Exploit DB Packet Storm
210262 7.5 HIGH
Network 		cherokee-project cherokee Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. A remote unauthenticated attacker can crash the server by sending an HTTP request to protected resour… CWE-476
 NULL Pointer Dereference 		CVE-2020-12845 2024-11-21 14:00 2020-07-28 Show GitHub Exploit DB Packet Storm
210263 5.5 MEDIUM
Local 		pulsesecure
ivanti 		pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure 		An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping in… NVD-CWE-noinfo
CVE-2020-12880 2024-11-21 14:00 2020-07-28 Show GitHub Exploit DB Packet Storm
210264 9.8 CRITICAL
Network 		fortinet fortios An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second fact… CWE-287
CWE-178
Improper Authentication
 Improper Handling of Case Sensitivity 		CVE-2020-12812 2024-11-21 14:00 2020-07-25 Show GitHub Exploit DB Packet Storm
210265 6.7 MEDIUM
Local 		dlink dsl-7740c_firmware D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command. CWE-78
OS Command  		CVE-2020-12774 2024-11-21 14:00 2020-07-22 Show GitHub Exploit DB Packet Storm
210266 8.8 HIGH
Network 		seczetta neprofile A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of t… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-12854 2024-11-21 14:00 2020-07-16 Show GitHub Exploit DB Packet Storm
210267 9.8 CRITICAL
Network 		inetsoftware i-net_clear_reports XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a we… CWE-611
XXE 		CVE-2020-12684 2024-11-21 14:00 2020-07-16 Show GitHub Exploit DB Packet Storm
210268 4.6 MEDIUM
Physics 		yubico libykpiv
piv_tool_manager
yubikey_smart_card_minidriver 		An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free() in the ykpiv_util_generate_key() function in lib/util.c through incorrect error handling code. Thi… CWE-763
 Release of Invalid Pointer or Reference 		CVE-2020-13132 2024-11-21 14:00 2020-07-10 Show GitHub Exploit DB Packet Storm
210269 4.3 MEDIUM
Physics 		yubico libykpiv
piv_tool_manager
yubikey_smart_card_minidriver 		An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library (which is included in yubico-piv-tool) does not properly check embedded length fields during device communication. … CWE-125
Out-of-bounds Read 		CVE-2020-13131 2024-11-21 14:00 2020-07-10 Show GitHub Exploit DB Packet Storm
210270 9.8 CRITICAL
Network 		protocol gossipsub Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack. NVD-CWE-noinfo
CVE-2020-12821 2024-11-21 14:00 2020-07-8 Show GitHub Exploit DB Packet Storm