Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250971	6.8	警告	アップル	-	Apple Mac OS X の QuickTime における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3221	2011-10-26 09:41	2011-10-14	Show	GitHub Exploit DB Packet Storm

250972	6.8	警告	Django Software Foundation	-	Django の CSRF 保護メカニズムにおける認証されずに偽造されたリクエストを誘発される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4140	2011-10-25 16:54	2011-09-9	Show	GitHub Exploit DB Packet Storm

250973	5	警告	Django Software Foundation	-	Django におけるキャッシュポイズニング攻撃を誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4139	2011-10-25 16:54	2011-09-9	Show	GitHub Exploit DB Packet Storm

250974	5	警告	Django Software Foundation	-	Django の URLField 実装内にある verify_exists 機能における任意の GET リクエストを誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4138	2011-10-25 16:53	2011-09-9	Show	GitHub Exploit DB Packet Storm

250975	5	警告	Django Software Foundation	-	Django の URLField 実装内にある verify_exists 機能におけるサービス運用妨害 (リソース消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4137	2011-10-25 16:53	2011-09-9	Show	GitHub Exploit DB Packet Storm

250976	5.8	警告	Django Software Foundation	-	Django の django.contrib.sessions におけるセッションを変更される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4136	2011-10-25 16:52	2011-09-9	Show	GitHub Exploit DB Packet Storm

250977	4.3	警告	シスコシステムズ	-	Cisco TelePresence Video Communication Servers の管理インターフェイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3294	2011-10-25 16:50	2011-10-12	Show	GitHub Exploit DB Packet Storm

250978	10	危険	ヒューレット・パッカード	-	HP Data Protector における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-3162	2011-10-25 16:50	2011-10-18	Show	GitHub Exploit DB Packet Storm

250979	10	危険	ヒューレット・パッカード	-	HP Data Protector における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-3161	2011-10-25 16:49	2011-10-18	Show	GitHub Exploit DB Packet Storm

250980	10	危険	ヒューレット・パッカード	-	HP Data Protector における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-3160	2011-10-25 16:48	2011-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210141	7.2	HIGH Network	wso2	identity_server_analytics identity_server identity_server_as_key_manager enterprise_integrator api_microgateway api_manager_analytics api_manager	XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0…	CWE-611 XXE	CVE-2020-12719	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210142	5.4	MEDIUM Network	php-fusion	php-fusion	In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypass…	CWE-79 Cross-site Scripting	CVE-2020-12718	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210143	6.1	MEDIUM Network	php-fusion	php-fusion	Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. N…	CWE-79 Cross-site Scripting	CVE-2020-12708	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210144	6.1	MEDIUM Network	lepton-cms	lepton_cms	An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious a…	CWE-79 Cross-site Scripting	CVE-2020-12707	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210145	5.4	MEDIUM Network	php-fusion	php-fusion	Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_…	CWE-79 Cross-site Scripting	CVE-2020-12706	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210146	6.1	MEDIUM Network	lepton-cms	leptoncms	Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0.	CWE-79 Cross-site Scripting	CVE-2020-12705	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210147	6.1	MEDIUM Network	ulicms	ulicms	UliCMS before 2020.2 has PageController stored XSS.	CWE-79 Cross-site Scripting	CVE-2020-12704	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210148	6.1	MEDIUM Network	ulicms	ulicms	UliCMS before 2020.2 has XSS during PackageController uninstall.	CWE-79 Cross-site Scripting	CVE-2020-12703	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210149	6.1	MEDIUM Network	mitel	shoretel_conference_web mivoice_connect	A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScri…	CWE-79 Cross-site Scripting	CVE-2020-12679	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210150	6.5	MEDIUM Network	serpico_project	serpico	An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve …	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2020-12687	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed