Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250851 5 警告 オラクル - Oracle Solaris における Network の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0096 2012-01-23 10:04 2012-01-17 Show GitHub Exploit DB Packet Storm
250852 6.8 警告 オラクル - Oracle Solaris における Kerberos の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0100 2012-01-23 10:03 2012-01-17 Show GitHub Exploit DB Packet Storm
250853 7.8 危険 オラクル - Oracle Solaris における TCP/IP の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0094 2012-01-23 09:59 2012-01-17 Show GitHub Exploit DB Packet Storm
250854 9.3 危険 7-Technologies - 7-Technologies Interactive Graphical SCADA System における権限を取得される脆弱性 CWE-Other
その他 		CVE-2011-4053 2012-01-20 16:50 2012-01-19 Show GitHub Exploit DB Packet Storm
250855 2.1 注意 DELL EMC (旧 EMC Corporation) - EMC SourceOne Email Management の Web 検索機能における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4142 2012-01-20 16:49 2012-01-19 Show GitHub Exploit DB Packet Storm
250856 4.6 警告 IBM - IBM WebSphere Application Server の iscdeploy におけるファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1376 2012-01-20 16:48 2012-01-18 Show GitHub Exploit DB Packet Storm
250857 4 警告 オラクル - Oracle JD Edwards Products の JD Edwards EnterpriseOne Tools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-2317 2012-01-20 16:45 2012-01-17 Show GitHub Exploit DB Packet Storm
250858 4 警告 オラクル - Oracle JD Edwards Products の JD Edwards EnterpriseOne Tools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-3524 2012-01-20 16:44 2012-01-17 Show GitHub Exploit DB Packet Storm
250859 4 警告 オラクル - Oracle JD Edwards Products の JD Edwards EnterpriseOne Tools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-3514 2012-01-20 16:43 2012-01-17 Show GitHub Exploit DB Packet Storm
250860 4 警告 オラクル - Oracle JD Edwards Products の JD Edwards EnterpriseOne Tools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-3509 2012-01-20 16:40 2012-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209801 9.1 CRITICAL
Network 		ntop ndpi In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c. CWE-125
Out-of-bounds Read 		CVE-2020-15471 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
209802 5.5 MEDIUM
Local 		rockcarry ffjpeg ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. CWE-787
 Out-of-bounds Write 		CVE-2020-15470 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
209803 9.8 CRITICAL
Network 		persian_vip_download_script_project persian_vip_download_script Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit.php active parameter. CWE-89
SQL Injection 		CVE-2020-15468 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
209804 6.1 MEDIUM
Network 		nozominetworks guardian Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name. CWE-79
Cross-site Scripting 		CVE-2020-15307 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
209805 9.8 CRITICAL
Network 		draytek vigor3900_firmware
vigor2960_firmware
vigor300b_firmware 		On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-pytho… CWE-78
OS Command  		CVE-2020-15415 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
209806 4.3 MEDIUM
Network 		misp misp An issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form. CWE-862
 Missing Authorization 		CVE-2020-15412 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
209807 9.8 CRITICAL
Network 		misp misp An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader. NVD-CWE-noinfo
CVE-2020-15411 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
209808 4.4 MEDIUM
Local 		iobit malware_fighter IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link. CWE-59
Link Following 		CVE-2020-15401 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
209809 4.3 MEDIUM
Network 		cakefoundation cakephp CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS. CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2020-15400 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
209810 7.8 HIGH
Local 		hylafax\+_project
ifax 		hylafax\+
hylafax_enterprise 		HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uuc… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15397 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm