Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250691 5 警告 マイクロソフト - Microsoft Internet Explorer における文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4689 2011-12-12 16:33 2011-12-7 Show GitHub Exploit DB Packet Storm
250692 5 警告 Mozilla Foundation - Mozilla Firefox におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4688 2011-12-12 16:31 2011-12-7 Show GitHub Exploit DB Packet Storm
250693 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品のレイアウトエンジンにおける重要な情報を取得される脆弱性 CWE-362
競合状態 		CVE-2010-5074 2011-12-12 16:22 2010-03-31 Show GitHub Exploit DB Packet Storm
250694 5 警告 Google - Google Chrome の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5073 2011-12-12 16:21 2011-12-7 Show GitHub Exploit DB Packet Storm
250695 5 警告 Opera Software ASA - Opera の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5072 2011-12-12 16:20 2011-12-7 Show GitHub Exploit DB Packet Storm
250696 5 警告 マイクロソフト - Microsoft Internet Explorer の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5071 2011-12-12 16:19 2011-12-7 Show GitHub Exploit DB Packet Storm
250697 5 警告 アップル - Apple Safari の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5070 2011-12-12 16:17 2011-12-7 Show GitHub Exploit DB Packet Storm
250698 4.3 警告 Google - Google Chrome の Cascading Style Sheets 実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-5069 2011-12-12 16:16 2011-12-7 Show GitHub Exploit DB Packet Storm
250699 4.3 警告 Opera Software ASA - Opera の Cascading Style Sheets (CSS) 実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-5068 2011-12-12 16:14 2011-12-7 Show GitHub Exploit DB Packet Storm
250700 5 警告 Mozilla Foundation - 複数の Mozilla 製品の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2002-2437 2011-12-12 16:12 2011-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196761 6.1 MEDIUM
Network 		siemens climatix_pol908_firmware
climatix_pol909_firmware 		A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability e… CWE-79
Cross-site Scripting 		CVE-2020-7574 2024-11-21 14:37 2020-04-15 Show GitHub Exploit DB Packet Storm
196762 5.3 MEDIUM
Network 		sds_project sds sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7618 2024-11-21 14:37 2020-04-7 Show GitHub Exploit DB Packet Storm
196763 5.3 MEDIUM
Network 		express-mock-middleware_project express-mock-middleware express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the `Object.prototype`. Exploitatio… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7616 2024-11-21 14:37 2020-04-7 Show GitHub Exploit DB Packet Storm
196764 7.8 HIGH
Local 		fsa_project fsa fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary … CWE-78
OS Command  		CVE-2020-7615 2024-11-21 14:37 2020-04-7 Show GitHub Exploit DB Packet Storm
196765 9.8 CRITICAL
Network 		npm-programmatic_project npm-programmatic npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly. CWE-20
CWE-78
 Improper Input Validation 
OS Command  		CVE-2020-7614 2024-11-21 14:37 2020-04-7 Show GitHub Exploit DB Packet Storm
196766 8.1 HIGH
Network 		clamscan_project clamscan clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that t… CWE-78
OS Command  		CVE-2020-7613 2024-11-21 14:37 2020-04-7 Show GitHub Exploit DB Packet Storm
196767 9.8 CRITICAL
Network 		jooby jooby This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused fo… NVD-CWE-Other
CVE-2020-7622 2024-11-21 14:37 2020-04-7 Show GitHub Exploit DB Packet Storm
196768 5.3 MEDIUM
Network 		dot_project dot eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7639 2024-11-21 14:37 2020-04-6 Show GitHub Exploit DB Packet Storm
196769 5.3 MEDIUM
Network 		confinit_project confinit confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7638 2024-11-21 14:37 2020-04-6 Show GitHub Exploit DB Packet Storm
196770 5.3 MEDIUM
Network 		class-transformer_project class-transformer class-transformer before 0.3.1 allow attackers to perform Prototype Pollution. The classToPlainFromExist function could be tricked into adding or modifying properties of Object.prototype using a __pr… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7637 2024-11-21 14:37 2020-04-6 Show GitHub Exploit DB Packet Storm