Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251291	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の nsGenericDOMDataNode::SetTextInternal 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1196	2011-01-5 14:39	2010-06-22	Show	GitHub Exploit DB Packet Storm

251292	9.3	危険	Mozilla Foundation オラクル	-	複数の Mozilla 製品の nsCycleCollector::MarkRoots 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0183	2011-01-5 14:19	2010-06-22	Show	GitHub Exploit DB Packet Storm

251293	7.5	危険	レッドハット	-	Red Hat Enterprise MRG の Management Console における任意のジョブを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4179	2011-01-4 16:28	2010-11-30	Show	GitHub Exploit DB Packet Storm

251294	7.8	危険	シスコシステムズ	-	複数の CIsco 製品上で稼働する remote-access IPSec VPN の実装における有効なグループ名を列挙される脆弱性	CWE-399 リソース管理の問題	CVE-2010-4354	2011-01-4 16:18	2010-09-22	Show	GitHub Exploit DB Packet Storm

251295	4	警告	Pidgin オラクル	-	Pidgin の libpurple 内にある oscar プロトコルプラグインの clientautoresp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-2528	2011-01-4 16:14	2010-07-30	Show	GitHub Exploit DB Packet Storm

251296	7.2	危険	VMware	-	複数の VMware 製品の VMware-Tools アップデート機能における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4297	2010-12-27 15:40	2010-12-2	Show	GitHub Exploit DB Packet Storm

251297	7.2	危険	VMware	-	複数の VMware 製品の vmware-mount における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4296	2010-12-27 15:38	2010-12-2	Show	GitHub Exploit DB Packet Storm

251298	6.9	警告	VMware	-	複数の VMware 製品の vmware-mount における権限昇格の脆弱性	CWE-362 競合状態	CVE-2010-4295	2010-12-27 15:36	2010-12-2	Show	GitHub Exploit DB Packet Storm

251299	9.3	危険	VMware	-	複数の VMware 製品の VMnc メディアコーデック内にあるフレーム復元機能における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4294	2010-12-27 15:33	2010-12-2	Show	GitHub Exploit DB Packet Storm

251300	2.1	注意	アップル	-	Windows 上で稼働する Apple QuickTime における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0530	2010-12-27 15:07	2010-12-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199401	7.8	HIGH Local	zblogcn	z-blogphp	An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers to execute arbitrary code via a crafted JPG file.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-29176	2024-11-21 14:23	2021-12-3	Show	GitHub Exploit DB Packet Storm

199402	7.5	HIGH Network	pybbs_project	pybbs	A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information.	CWE-89 SQL Injection	CVE-2020-28702	2024-11-21 14:23	2021-11-1	Show	GitHub Exploit DB Packet Storm

199403	7.8	HIGH Local	aplixio	pdf_shapingup	Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.	CWE-120 Classic Buffer Overflow	CVE-2020-28969	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199404	5.4	MEDIUM Network	draytek	vigorap_1000c_firmware vigorap_700_firmware vigorap_710_firmware vigorap_800_firmware vigorap_802_firmware vigorap_810_firmware vigorap_900_firmware vigorap_902_firmware vigor…	Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary w…	CWE-79 Cross-site Scripting	CVE-2020-28968	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199405	8.8	HIGH Network	flashget	flashget	FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'current path directory' function. This vulnerability allows attackers to elevate local process privileges via overwriting the regis…	CWE-120 Classic Buffer Overflow	CVE-2020-28967	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199406	6.7	MEDIUM Local	tonec	internet_download_manager	Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Search function. This vulnerability allows attackers to escalate local process privileges via unspecified …	CWE-787 Out-of-bounds Write	CVE-2020-28964	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199407	7.8	HIGH Local	krylack	zip_password_recovery	Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function.	CWE-120 Classic Buffer Overflow	CVE-2020-28963	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199408	5.4	MEDIUM Network	perfexcrm	perfex_crm	Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter.	CWE-79 Cross-site Scripting	CVE-2020-28961	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199409	9.8	CRITICAL Network	cct95	chichen_tech_cms	Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters.	CWE-89 SQL Injection	CVE-2020-28960	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

199410	5.4	MEDIUM Network	froxlor	froxlor	Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name…	CWE-79 Cross-site Scripting	CVE-2020-28957	2024-11-21 14:23	2021-10-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed