Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250961	4.3	警告	Zoho Corporation	-	ManageEngine ADManager Plus におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5050	2011-11-25 11:43	2011-11-23	Show	GitHub Exploit DB Packet Storm

250962	7.5	危険	Zabbix	-	Zabbix の events.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5049	2011-11-25 11:42	2011-11-23	Show	GitHub Exploit DB Packet Storm

250963	4.3	警告	JoomlaTune Joomla!	-	JoomlaTune JComments におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5048	2011-11-25 11:42	2011-11-23	Show	GitHub Exploit DB Packet Storm

250964	7.5	危険	V-EVA	-	V-EVA Press Release Script における任意の SQL コマンドを実行される脆弱性	CWE-89 SQLインジェクション	CVE-2010-5047	2011-11-25 11:41	2011-11-23	Show	GitHub Exploit DB Packet Storm

250965	4.3	警告	ecoCMS	-	ecoCMS の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5046	2011-11-25 11:40	2011-11-23	Show	GitHub Exploit DB Packet Storm

250966	7.5	危険	Alephsystem	-	CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5058	2011-11-25 10:14	2011-11-23	Show	GitHub Exploit DB Packet Storm

250967	7.5	危険	Alephsystem	-	CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5057	2011-11-25 10:13	2011-11-23	Show	GitHub Exploit DB Packet Storm

250968	7.5	危険	IXXO Internet Solutions	-	XOBBIX コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5053	2011-11-25 10:08	2011-11-23	Show	GitHub Exploit DB Packet Storm

250969	4.3	警告	Joomla!	-	Joomla! におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4332	2011-11-25 09:39	2011-03-24	Show	GitHub Exploit DB Packet Storm

250970	5	警告	Joomla!	-	Joomla! における任意のユーザのパスワードを変更される脆弱性	CWE-189 数値処理の問題	CVE-2011-4321	2011-11-25 09:38	2011-10-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196391	5.5	MEDIUM Local	linux canonical opensuse netapp	linux_kernel ubuntu_linux leap cloud_backup steelstore_cloud_integrated_storage data_availability_services solidfire hci_management_node active_iq_unified_manager h410c_fir…	ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.	CWE-400 CWE-834 Uncontrolled Resource Consumption Excessive Iteration	CVE-2020-8992	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196392	2.3	LOW Local	redhat	lvm2	vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. NOTE: RedHat disputes CVE-2020-8991 as not being a vulne…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2020-8991	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196393	5.3	MEDIUM Network	voatz	voatz	In the Voatz application 2020-01-01 for Android, the amount of data transmitted during a single voter's vote depends on the different lengths of the metadata across the available voting choices, whic…	CWE-203 Information Exposure Through Discrepancy	CVE-2020-8989	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196394	5.9	MEDIUM Network	voatz	voatz	The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover log…	CWE-330 CWE-521 Use of Insufficiently Random Values Weak Password Requirements	CVE-2020-8988	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196395	6.1	MEDIUM Network	mantisbt	source_integration	A cross-site scripting (XSS) vulnerability was discovered in the Source Integration plugin before 1.6.2 and 2.x before 2.3.1 for MantisBT. The repo_delete.php Delete Repository page allows execution …	CWE-79 Cross-site Scripting	CVE-2020-8981	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196396	6.5	MEDIUM Network	salesagility	suitecrm	SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.	CWE-89 SQL Injection	CVE-2020-8804	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196397	9.8	CRITICAL Network	salesagility	suitecrm	SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.	CWE-22 Path Traversal	CVE-2020-8803	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196398	9.8	CRITICAL Network	salesagility	suitecrm	SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation.	CWE-89 SQL Injection	CVE-2020-8802	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196399	7.2	HIGH Network	salesagility	suitecrm	SuiteCRM through 7.11.11 allows PHAR Deserialization.	CWE-502 Deserialization of Untrusted Data	CVE-2020-8801	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm

196400	8.8	HIGH Network	salesagility	suitecrm	SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.	CWE-74 Injection	CVE-2020-8800	2024-11-21 14:39	2020-02-14	Show	GitHub Exploit DB Packet Storm