Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252261 6.4 警告 ヒューレット・パッカード
レッドハット
日立
オラクル		 - Oracle Sun Products Suite の Oracle Communications Messaging Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3564 2010-12-16 15:22 2010-10-12 Show GitHub Exploit DB Packet Storm
252262 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-DesignError
CVE-2010-3817 2010-12-16 14:18 2010-11-22 Show GitHub Exploit DB Packet Storm
252263 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3816 2010-12-16 14:18 2010-11-22 Show GitHub Exploit DB Packet Storm
252264 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3811 2010-12-16 14:16 2010-11-22 Show GitHub Exploit DB Packet Storm
252265 5 警告 The PHP Group
サイバートラスト株式会社
レッドハット		 - PHP のセッションシリアライザにおける任意のセッション変数に変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3065 2010-12-15 15:28 2010-05-31 Show GitHub Exploit DB Packet Storm
252266 5 警告 日立 - JP1/NETM 製品 におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		- 2010-12-15 15:27 2010-07-30 Show GitHub Exploit DB Packet Storm
252267 5 警告 The PHP Group
サイバートラスト株式会社
ターボリナックス
レッドハット		 - PHP におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1917 2010-12-15 15:27 2010-05-11 Show GitHub Exploit DB Packet Storm
252268 5 警告 The PHP Group
アップル
ターボリナックス
サイバートラスト株式会社
レッドハット		 - PHP の xmlrpc 拡張におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2010-0397 2010-12-15 15:27 2010-03-16 Show GitHub Exploit DB Packet Storm
252269 6.4 警告 The PHP Group
サイバートラスト株式会社
レッドハット		 - PHP の Linear Congruential Generator における値を推測される脆弱性 CWE-310
暗号の問題 		CVE-2010-1128 2010-12-15 15:26 2010-03-26 Show GitHub Exploit DB Packet Storm
252270 6.9 警告 GNU Project
日本電気
ターボリナックス
サイバートラスト株式会社
レッドハット		 - GNU Libtool の libltdl における権限昇格の脆弱性 CWE-DesignError
CVE-2009-3736 2010-12-15 15:26 2009-11-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199881 7.2 HIGH
Network 		paloaltonetworks pan-os An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC… CWE-78
OS Command  		CVE-2020-2028 2024-11-21 14:24 2020-06-11 Show GitHub Exploit DB Packet Storm
199882 7.2 HIGH
Network 		paloaltonetworks pan-os A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root… CWE-787
 Out-of-bounds Write 		CVE-2020-2027 2024-11-21 14:24 2020-06-11 Show GitHub Exploit DB Packet Storm
199883 8.8 HIGH
Local 		katacontainers
fedoraproject 		runtime
fedora 		A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesy… CWE-59
Link Following 		CVE-2020-2026 2024-11-21 14:24 2020-06-11 Show GitHub Exploit DB Packet Storm
199884 6.3 MEDIUM
Local 		katacontainers runtime Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-age… NVD-CWE-noinfo
CVE-2020-2023 2024-11-21 14:24 2020-06-11 Show GitHub Exploit DB Packet Storm
199885 8.8 HIGH
Network 		jenkins play_framework Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the `play` command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerabil… CWE-78
OS Command  		CVE-2020-2200 2024-11-21 14:24 2020-06-3 Show GitHub Exploit DB Packet Storm
199886 6.1 MEDIUM
Network 		jenkins subversion_partial_release_manager Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error message for the repository URL field form validation, resulting in a reflected cross-site scripting vulne… CWE-79
Cross-site Scripting 		CVE-2020-2199 2024-11-21 14:24 2020-06-3 Show GitHub Exploit DB Packet Storm
199887 6.5 MEDIUM
Network 		jenkins project_inheritance Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure. CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2198 2024-11-21 14:24 2020-06-3 Show GitHub Exploit DB Packet Storm
199888 4.3 MEDIUM
Network 		jenkins project_inheritance Jenkins Project Inheritance Plugin 19.08.02 and earlier does not require users to have Job/ExtendedRead permission to access Inheritance Project job configurations in XML format. CWE-276
Incorrect Default Permissions  		CVE-2020-2197 2024-11-21 14:24 2020-06-3 Show GitHub Exploit DB Packet Storm
199889 8.0 HIGH
Network 		jenkins selenium Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin. CWE-352
 Origin Validation Error 		CVE-2020-2196 2024-11-21 14:24 2020-06-3 Show GitHub Exploit DB Packet Storm
199890 5.4 MEDIUM
Network 		jenkins compact_columns Jenkins Compact Columns Plugin 1.11 and earlier displays the unprocessed job description in tooltips, resulting in a stored cross-site scripting vulnerability that can be exploited by users with Job/… CWE-79
Cross-site Scripting 		CVE-2020-2195 2024-11-21 14:24 2020-06-3 Show GitHub Exploit DB Packet Storm