Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250891	7.5	危険	2daybiz	-	2daybiz Polls Script の searchvote.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5004	2011-12-9 14:16	2011-11-2	Show	GitHub Exploit DB Packet Storm

250892	4.3	警告	Rayzz	-	Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5005	2011-12-9 14:15	2011-11-2	Show	GitHub Exploit DB Packet Storm

250893	7.5	危険	Emophp Programming	-	EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5006	2011-12-9 14:15	2011-11-2	Show	GitHub Exploit DB Packet Storm

250894	4.3	警告	ut-files	-	UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5007	2011-12-9 14:14	2011-11-2	Show	GitHub Exploit DB Packet Storm

250895	7.5	危険	Denali	-	BrightSuite Groupware における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5008	2011-12-9 14:13	2011-11-2	Show	GitHub Exploit DB Packet Storm

250896	7.5	危険	ut-files	-	UTStats の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5009	2011-12-9 14:12	2011-11-2	Show	GitHub Exploit DB Packet Storm

250897	4.3	警告	FullSite Pty Ltd	-	SchoolMation におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5010	2011-12-9 14:10	2011-11-2	Show	GitHub Exploit DB Packet Storm

250898	7.5	危険	FullSite Pty Ltd	-	SchoolMation における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5011	2011-12-9 14:10	2011-11-2	Show	GitHub Exploit DB Packet Storm

250899	7.5	危険	David Noguera Gutierrez	-	DaLogin における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5012	2011-12-9 14:09	2011-11-2	Show	GitHub Exploit DB Packet Storm

250900	7.5	危険	McKenzie Creations	-	Mckenzie Creations Virtual Real Estate Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5013	2011-12-9 14:04	2011-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196461	5.5	MEDIUM Local	lenovo	pcmanager	A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to be written to non-standard locations.	CWE-276 Incorrect Default Permissions	CVE-2020-8357	2024-11-21 14:38	2021-03-10	Show	GitHub Exploit DB Packet Storm

196462	4.9	MEDIUM Network	lenovo	xclarity_orchestrator	An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in cl…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-8356	2024-11-21 14:38	2021-03-10	Show	GitHub Exploit DB Packet Storm

196463	9.8	CRITICAL Network	fs-path_project	fs-path	fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods.	CWE-77 Command Injection	CVE-2020-8298	2024-11-21 14:38	2021-03-5	Show	GitHub Exploit DB Packet Storm

196464	6.7	MEDIUM Local	nextcloud fedoraproject	nextcloud_server fedora	Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.	CWE-521 Weak Password Requirements	CVE-2020-8296	2024-11-21 14:38	2021-03-4	Show	GitHub Exploit DB Packet Storm

196465	6.5	MEDIUM Network	mongodb	mongodb	A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects MongoDB Server v3.6 versions prior to 3.6.21…	NVD-CWE-Other	CVE-2020-7929	2024-11-21 14:38	2021-03-2	Show	GitHub Exploit DB Packet Storm

196466	7.0	HIGH Local	opensuse	cyrus-sasl	A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4…	-	CVE-2020-8032	2024-11-21 14:38	2021-02-25	Show	GitHub Exploit DB Packet Storm

196467	4.3	MEDIUM Network	nextcloud	deck	Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2020-8297	2024-11-21 14:38	2021-02-24	Show	GitHub Exploit DB Packet Storm

196468	4.4	MEDIUM Local	suse	caas_platform	A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitr…	-	CVE-2020-8030	2024-11-21 14:38	2021-02-12	Show	GitHub Exploit DB Packet Storm

196469	4.0	MEDIUM Local	suse	caas_platform	A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platfor…	-	CVE-2020-8029	2024-11-21 14:38	2021-02-12	Show	GitHub Exploit DB Packet Storm

196470	5.4	MEDIUM Network	opensuse	open_build_service	A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly es…	-	CVE-2020-8031	2024-11-21 14:38	2021-02-12	Show	GitHub Exploit DB Packet Storm