Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252141	4.3	警告	eFront Learning	-	eFront Community++ におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1048	2012-02-14 14:48	2012-02-12	Show	GitHub Exploit DB Packet Storm

252142	7.5	危険	ソフォス	-	Cyberoam Central Console におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1047	2012-02-14 14:47	2012-02-12	Show	GitHub Exploit DB Packet Storm

252143	4.3	警告	Symphony CMS	-	Symphony CMS における SQL インジェクションの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4341	2012-02-14 14:46	2012-02-12	Show	GitHub Exploit DB Packet Storm

252144	3.5	注意	Symphony CMS	-	Symphony CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4340	2012-02-14 14:45	2012-02-12	Show	GitHub Exploit DB Packet Storm

252145	4.3	警告	Deon George	-	phpLDAPadmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0834	2012-02-14 14:45	2012-02-11	Show	GitHub Exploit DB Packet Storm

252146	7.5	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-0452	2012-02-14 14:42	2012-02-10	Show	GitHub Exploit DB Packet Storm

252147	4.3	警告	IBM	-	IBM Cognos TM1 の TM1 Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1046	2012-02-14 14:18	2012-02-10	Show	GitHub Exploit DB Packet Storm

252148	5	警告	Apache Software Foundation	-	Apache Portable Runtime ライブラリの apr_hash.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0840	2012-02-14 14:17	2012-02-10	Show	GitHub Exploit DB Packet Storm

252149	5	警告	AdaCore	-	AdaCore Ada Web Services におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-1035	2012-02-13 16:39	2012-01-27	Show	GitHub Exploit DB Packet Storm

252150	6.5	警告	サイベース	-	Sybase M-Business Anywhere の Web 管理インターフェイスにおけるユーザーアカウントをリストアップされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5078	2012-02-13 16:15	2012-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
208461	7.5	HIGH Network	sectona	spectra	Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties …	CWE-306 Missing Authentication for Critical Function	CVE-2020-25966	2024-11-21 14:19	2020-10-29	Show	GitHub Exploit DB Packet Storm

208462	6.1	MEDIUM Network	octopus	octopus_deploy	In Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modified HTTP Host header.	CWE-601 Open Redirect	CVE-2020-26161	2024-11-21 14:19	2020-10-27	Show	GitHub Exploit DB Packet Storm

208463	6.5	MEDIUM Network	dell	emc_networker	Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations…	CWE-552 Files or Directories Accessible to External Parties	CVE-2020-26183	2024-11-21 14:19	2020-10-17	Show	GitHub Exploit DB Packet Storm

208464	6.5	MEDIUM Network	dell	emc_networker	Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' r…	CWE-552 Files or Directories Accessible to External Parties	CVE-2020-26182	2024-11-21 14:19	2020-10-17	Show	GitHub Exploit DB Packet Storm

208465	6.1	MEDIUM Network	xerox	workcentre_ec7836_firmware workcentre_ec7856_firmware	Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages.	CWE-79 Cross-site Scripting	CVE-2020-26162	2024-11-21 14:19	2020-10-9	Show	GitHub Exploit DB Packet Storm

208466	5.5	MEDIUM Local	kde opensuse	kdeconnect leap backports_sle	In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a De…	CWE-400 Uncontrolled Resource Consumption	CVE-2020-26164	2024-11-21 14:19	2020-10-8	Show	GitHub Exploit DB Packet Storm

208467	8.1	HIGH Network	monocms	monocms	MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).	CWE-22 Path Traversal	CVE-2020-25985	2024-11-21 14:19	2020-10-7	Show	GitHub Exploit DB Packet Storm

208468	7.5	HIGH Network	monocms	monocms	MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2020-25987	2024-11-21 14:19	2020-10-6	Show	GitHub Exploit DB Packet Storm

208469	6.5	MEDIUM Network	monocms	monocms	A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user.	CWE-352 Origin Validation Error	CVE-2020-25986	2024-11-21 14:19	2020-10-6	Show	GitHub Exploit DB Packet Storm

208470	8.8	HIGH Network	cuppacms	cuppacms	The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function prov…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-26048	2024-11-21 14:19	2020-10-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed