Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251281 7.5 危険 Lucid Crew - Pixie CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4710 2011-12-13 14:53 2011-12-8 Show GitHub Exploit DB Packet Storm
251282 4.3 警告 Hotaru CMS - Hotaru CMS の Search プラグイン内にある Hotaru.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4709 2011-12-13 14:52 2011-12-8 Show GitHub Exploit DB Packet Storm
251283 4.3 警告 IBM - IBM Rational Asset Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4708 2011-12-13 14:51 2011-05-5 Show GitHub Exploit DB Packet Storm
251284 4.3 警告 SAP - SAP Netweaver の Virus Scan Interface におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4707 2011-12-13 14:50 2011-12-8 Show GitHub Exploit DB Packet Storm
251285 5 警告 Igor Sysoev - nginx におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4315 2011-12-13 14:49 2011-11-15 Show GitHub Exploit DB Packet Storm
251286 7.5 危険 Mambo Foundation - Mambo CMS の administrator/index2.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-2917 2011-12-13 14:41 2011-12-8 Show GitHub Exploit DB Packet Storm
251287 6.8 警告 MIT Kerberos - MIT Kerberos の process_tgs_req 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1530 2011-12-13 14:40 2011-12-6 Show GitHub Exploit DB Packet Storm
251288 6.4 警告 BlackBerry - BlackBerry Administration API におけるテキストファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2011-0287 2011-12-13 14:35 2011-07-12 Show GitHub Exploit DB Packet Storm
251289 6.4 警告 Widelands - Widelands におけるパストラバーサル攻撃を誘発される脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4675 2011-12-12 18:21 2011-12-5 Show GitHub Exploit DB Packet Storm
251290 5 警告 One Click Orgs - One Click Orgs のパスワードリセット機能におけるユーザアカウントを列挙される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4678 2011-12-12 18:19 2011-12-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209391 7.8 HIGH
Local 		pypi bsdiff4 A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file. CWE-787
 Out-of-bounds Write 		CVE-2020-15904 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209392 6.1 MEDIUM
Network 		nagios nagios_xi Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option. CWE-79
Cross-site Scripting 		CVE-2020-15902 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209393 8.8 HIGH
Network 		nagios nagios_xi In Nagios XI before 5.7.3, ajaxhelper.php allows remote authenticated attackers to execute arbitrary commands via cmdsubsys. NVD-CWE-noinfo
CVE-2020-15901 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209394 6.1 MEDIUM
Network 		dlink dir-816l_firmware An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the we… CWE-79
Cross-site Scripting 		CVE-2020-15895 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209395 7.5 HIGH
Network 		dlink dir-816l_firmware An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utili… CWE-306
Missing Authentication for Critical Function 		CVE-2020-15894 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209396 7.5 HIGH
Network 		dlink dap-1522_firmware An authentication-bypass issue was discovered on D-Link DAP-1522 devices 1.4x before 1.10b04Beta02. There exist a few pages that are directly accessible by any unauthorized user, e.g., logout.php and… CWE-287
Improper Authentication 		CVE-2020-15896 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209397 9.8 CRITICAL
Network 		dlink dir-816l_firmware An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting … CWE-78
OS Command  		CVE-2020-15893 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209398 9.8 CRITICAL
Network 		dlink dap-1520_firmware An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web interface, the request values are being forwarded to the ssi… CWE-787
CWE-669
 Out-of-bounds Write
 Incorrect Resource Transfer Between Spheres 		CVE-2020-15892 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209399 7.5 HIGH
Network 		codesys control_rte
control_for_beaglebone
control_for_empc-a\/imx6
control_for_iot2000
control_for_linux
control_for_plcnext
control_for_pfc100
control_for_pfc200
control_for_raspber… 		CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-15806 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
209400 7.5 HIGH
Network 		luajit
debian
canonical 		luajit
debian_linux
ubuntu_linux 		LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled. CWE-125
Out-of-bounds Read 		CVE-2020-15890 2024-11-21 14:06 2020-07-22 Show GitHub Exploit DB Packet Storm