Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252071 10 危険 オラクル - Oracle Java SE の JavaFX コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0508 2012-02-20 10:41 2012-02-14 Show GitHub Exploit DB Packet Storm
252072 9.3 危険 サン・マイクロシステムズ - Oracle Java SE の Java Runtime Environment (JRE) コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0504 2012-02-20 10:34 2012-02-14 Show GitHub Exploit DB Packet Storm
252073 6.8 警告 Hulihan Applications - Hulihan Amethyst の admin/update_user におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-5085 2012-02-17 14:43 2012-02-14 Show GitHub Exploit DB Packet Storm
252074 6 警告 e107.org - e107 の CSRF 保護メカニズムにおける管理者認証をハイジャックされる脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-5084 2012-02-17 14:43 2012-02-14 Show GitHub Exploit DB Packet Storm
252075 7.5 危険 PHPNUKE - PHP-Nuke 用 Web_Links module における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5083 2012-02-17 14:42 2012-02-14 Show GitHub Exploit DB Packet Storm
252076 4.3 警告 Bluechip Software - TYPO3 用 Post data records to facebook エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1087 2012-02-17 14:42 2012-02-14 Show GitHub Exploit DB Packet Storm
252077 4.3 警告 UrlTool - TYPO3 用 UrlTool エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1086 2012-02-17 14:41 2012-02-14 Show GitHub Exploit DB Packet Storm
252078 5 警告 BE User Switch - TYPO3 用 BE User Switch エクステンションにおける重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2012-1085 2012-02-17 14:40 2012-02-14 Show GitHub Exploit DB Packet Storm
252079 4.3 警告 BE User Switch - TYPO3 用 BE User Switch エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1084 2012-02-17 14:39 2012-02-14 Show GitHub Exploit DB Packet Storm
252080 6.8 警告 Terminal PHP Shell - TYPO3 用 Terminal PHP Shell エクステンションにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1083 2012-02-17 14:38 2012-02-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208501 7.5 HIGH
Network 		stampit supermixer Prototype pollution in Stampit supermixer 1.0.3 allows an attacker to modify the prototype of a base object which can vary in severity depending on the implementation. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-24939 2024-11-21 14:16 2021-06-17 Show GitHub Exploit DB Packet Storm
208502 7.5 HIGH
Network 		pharmacy_medical_store_and_sale_point_project pharmacy_medical_store_and_sale_point The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to r… CWE-89
SQL Injection 		CVE-2020-24862 2024-11-21 14:16 2021-06-3 Show GitHub Exploit DB Packet Storm
208503 8.8 HIGH
Network 		libraw libraw Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp. CWE-787
 Out-of-bounds Write 		CVE-2020-24870 2024-11-21 14:16 2021-06-3 Show GitHub Exploit DB Packet Storm
208504 4.3 MEDIUM
Network 		pluck-cms pluck An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage CWE-352
 Origin Validation Error 		CVE-2020-24740 2024-11-21 14:16 2021-05-19 Show GitHub Exploit DB Packet Storm
208505 7.8 HIGH
Local 		ui unifi_video In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code o… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-24755 2024-11-21 14:16 2021-05-18 Show GitHub Exploit DB Packet Storm
208506 5.4 MEDIUM
Network 		cmswing cmswing There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when visitors access the article module. CWE-79
Cross-site Scripting 		CVE-2020-24993 2024-11-21 14:16 2021-05-18 Show GitHub Exploit DB Packet Storm
208507 5.4 MEDIUM
Network 		cmswing cmswing There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when an administrator accesses the content management module. CWE-79
Cross-site Scripting 		CVE-2020-24992 2024-11-21 14:16 2021-05-18 Show GitHub Exploit DB Packet Storm
208508 9.8 CRITICAL
Network 		ambarella oryx_rtsp_server A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to exec… CWE-120
Classic Buffer Overflow 		CVE-2020-24918 2024-11-21 14:16 2021-04-30 Show GitHub Exploit DB Packet Storm
208509 7.8 HIGH
Local 		ffmpeg ffmpeg Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local). CWE-120
Classic Buffer Overflow 		CVE-2020-24995 2024-11-21 14:16 2021-03-31 Show GitHub Exploit DB Packet Storm
208510 8.8 HIGH
Network 		libass_project libass Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-24994 2024-11-21 14:16 2021-03-24 Show GitHub Exploit DB Packet Storm