Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252121 9.3 危険 アドビシステムズ - Adobe Shockwave Player の CursorAsset x32 コンポーネントにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-2120 2011-06-30 10:58 2011-06-14 Show GitHub Exploit DB Packet Storm
252122 9.3 危険 アドビシステムズ - Adobe Shockwave Player の Dirapi.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-2119 2011-06-30 10:57 2011-06-14 Show GitHub Exploit DB Packet Storm
252123 9.3 危険 アドビシステムズ - Adobe Shockwave Player の FLV ASSET Xtra コンポーネントにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2118 2011-06-30 10:56 2011-06-14 Show GitHub Exploit DB Packet Storm
252124 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-2117 2011-06-30 10:55 2011-06-14 Show GitHub Exploit DB Packet Storm
252125 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-2116 2011-06-30 10:55 2011-06-14 Show GitHub Exploit DB Packet Storm
252126 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-2115 2011-06-30 10:54 2011-06-14 Show GitHub Exploit DB Packet Storm
252127 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-2114 2011-06-30 10:53 2011-06-14 Show GitHub Exploit DB Packet Storm
252128 9.3 危険 アドビシステムズ - Adobe Shockwave Player の Shockwave3DAsset コンポーネントにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2113 2011-06-30 10:53 2011-06-14 Show GitHub Exploit DB Packet Storm
252129 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2112 2011-06-30 10:52 2011-06-14 Show GitHub Exploit DB Packet Storm
252130 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-2111 2011-06-30 10:51 2011-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209451 5.4 MEDIUM
Network 		django_two-factor_authentication_project django_two-factor_authentication Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-15105 2024-11-21 14:04 2020-07-11 Show GitHub Exploit DB Packet Storm
209452 8.6 HIGH
Network 		amazon tough The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumve… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-15093 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
209453 4.8 MEDIUM
Network 		northwestern timelinejs In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whethe… CWE-79
Cross-site Scripting 		CVE-2020-15092 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
209454 5.3 MEDIUM
Adjacent 		yubico yubikey_5_nfc_firmware An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is … CWE-862
 Missing Authorization 		CVE-2020-15001 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
209455 5.9 MEDIUM
Network 		yubico yubikey_5_nfc_firmware A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. OpenPGP has three passwords: Admin PIN, Reset Code, and User PIN. The Reset Code is used to reset the User PIN, but… NVD-CWE-Other
CVE-2020-15000 2024-11-21 14:04 2020-07-10 Show GitHub Exploit DB Packet Storm
209456 5.4 MEDIUM
Network 		phplist phplist An issue was discovered in phpList through 3.5.4. An XSS vulnerability occurs within the Import Administrators section via upload of an edited text document. This also affects the Subscriber Lists se… CWE-79
Cross-site Scripting 		CVE-2020-15073 2024-11-21 14:04 2020-07-9 Show GitHub Exploit DB Packet Storm
209457 8.8 HIGH
Network 		phplist phplist An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section. CWE-89
SQL Injection 		CVE-2020-15072 2024-11-21 14:04 2020-07-9 Show GitHub Exploit DB Packet Storm
209458 7.5 HIGH
Network 		connectwise connectwise_automate A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate serv… CWE-89
SQL Injection 		CVE-2020-15008 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
209459 4.4 MEDIUM
Local 		npmjs
opensuse
fedoraproject 		npm
leap
fedora 		Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:… - CVE-2020-15095 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
209460 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter. CWE-79
Cross-site Scripting 		CVE-2020-15035 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm