Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251001	9.3	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-1873	2011-06-23 11:42	2011-06-14	Show	GitHub Exploit DB Packet Storm

251002	10	危険	マイクロソフト	-	Microsoft Forefront Threat Management Gateway (TMG) 2010 クライアントの NSPLookupServiceNext 関数における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-1889	2011-06-23 11:30	2011-06-14	Show	GitHub Exploit DB Packet Storm

251003	9.3	危険	マイクロソフト	-	Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0664	2011-06-23 11:29	2011-06-14	Show	GitHub Exploit DB Packet Storm

251004	9.3	危険	マイクロソフト	-	Microsoft Windows の OLE オートメーションプロトコル実装における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-0658	2011-06-23 11:28	2011-06-14	Show	GitHub Exploit DB Packet Storm

251005	4.3	警告	マイクロソフト	-	Microsoft Windows の MHTML プロトコルハンドラにおけるクロスサイトスクリプティングを誘導される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1894	2011-06-23 11:27	2011-06-14	Show	GitHub Exploit DB Packet Storm

251006	5.5	警告	ターボリナックス Timo Sirainen レッドハット	-	Dovecot の plugins/acl/acl-backend-vfile.c におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3707	2011-06-23 11:15	2010-10-2	Show	GitHub Exploit DB Packet Storm

251007	4	警告	ターボリナックス Timo Sirainen レッドハット	-	Dovecot におけるサービス運用妨害 (master process outage) の脆弱性	CWE-Other その他	CVE-2010-3780	2011-06-23 11:14	2010-10-2	Show	GitHub Exploit DB Packet Storm

251008	4.3	警告	Google	-	Android の Android ブラウザにおける SD カード上の情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-4804	2011-06-21 07:53	2011-06-9	Show	GitHub Exploit DB Packet Storm

251009	4.3	警告	株式会社カワイビジネスソフトウエア	-	WeblyGo におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1330	2011-06-20 12:01	2011-06-20	Show	GitHub Exploit DB Packet Storm

251010	-	-	Autonomy	-	Autonomy KeyView IDOL に複数の脆弱性	-	-	2011-06-20 11:19	2011-06-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211261	7.8	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is …	NVD-CWE-noinfo	CVE-2020-0625	2024-11-21 13:53	2020-01-15	Show	GitHub Exploit DB Packet Storm

211262	7.8	HIGH Local	microsoft	windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is …	NVD-CWE-noinfo	CVE-2020-0623	2024-11-21 13:53	2020-01-15	Show	GitHub Exploit DB Packet Storm

211263	8.8	HIGH Network	3cx debian	phone_system_firmware debian_linux	PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><sp…	CWE-77 Command Injection	CVE-2019-9972	2024-11-21 13:52	2022-06-8	Show	GitHub Exploit DB Packet Storm

211264	8.8	HIGH Network	3cx debian	phone_system_firmware debian_linux	PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs bec…	CWE-269 Improper Privilege Management	CVE-2019-9971	2024-11-21 13:52	2022-06-8	Show	GitHub Exploit DB Packet Storm

211265	7.8	HIGH Local	google	android	In deletePackageVersionedInternal of PackageManagerService.java, there is a possible way to exit Screen Pinning due to a permissions bypass. This could lead to local escalation of privilege with no a…	NVD-CWE-noinfo	CVE-2020-0025	2024-11-21 13:52	2021-03-11	Show	GitHub Exploit DB Packet Storm

211266	5.5	MEDIUM Local	google	android	In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction i…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-0019	2024-11-21 13:52	2020-12-15	Show	GitHub Exploit DB Packet Storm

211267	7.8	HIGH Local	google	android	In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction …	CWE-798 Use of Hard-coded Credentials	CVE-2020-0016	2024-11-21 13:52	2020-12-15	Show	GitHub Exploit DB Packet Storm

211268	7.8	HIGH Local	google	android	In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no addition…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-0099	2024-11-21 13:52	2020-12-15	Show	GitHub Exploit DB Packet Storm

211269	7.8	HIGH Local	google	android	In the audio server, there is a missing permission check. This could lead to local escalation of privilege regarding audio settings with no additional execution privileges needed. User interaction is…	CWE-862 Missing Authorization	CVE-2020-0089	2024-11-21 13:52	2020-09-19	Show	GitHub Exploit DB Packet Storm

211270	7.8	HIGH Local	google	android	In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User …	CWE-20 CWE-77 Improper Input Validation Command Injection	CVE-2020-0130	2024-11-21 13:52	2020-09-18	Show	GitHub Exploit DB Packet Storm