Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 4:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252431 9.3 危険 マイクロソフト - 複数の Microsoft Windows 製品の Windows Packager 設定における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2012-0013 2012-01-13 15:45 2012-01-10 Show GitHub Exploit DB Packet Storm
252432 10 危険 Final Draft - Final Draft におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5059 2012-01-12 15:54 2012-01-10 Show GitHub Exploit DB Packet Storm
252433 6.4 警告 3S-Smart Software Solutions - 3S CoDeSys における任意のディレクトリを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5058 2012-01-12 15:53 2012-01-10 Show GitHub Exploit DB Packet Storm
252434 7.8 危険 ヒューレット・パッカード - 複数の HP 製品の HP-ChaiSOE Web サーバにおけるディレクトリトラバーサルの脆弱性 CWE-200
情報漏えい 		CVE-2011-4785 2012-01-11 16:11 2012-01-9 Show GitHub Exploit DB Packet Storm
252435 5 警告 Apache Software Foundation - Apache Struts におけるランタイムデータの値を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5057 2012-01-11 15:17 2012-01-8 Show GitHub Exploit DB Packet Storm
252436 9.3 危険 Apache Software Foundation - Apache Struts における任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0392 2012-01-11 15:11 2012-01-8 Show GitHub Exploit DB Packet Storm
252437 9.3 危険 Apache Software Foundation - Apache Struts における任意の Java コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0391 2012-01-11 14:57 2012-01-8 Show GitHub Exploit DB Packet Storm
252438 5 警告 Wibu-Systems AG - CodeMeter Runtime におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-4057 2012-01-11 14:02 2012-01-11 Show GitHub Exploit DB Packet Storm
252439 5 警告 MediaWiki - MediaWiki における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4361 2012-01-11 11:22 2011-11-28 Show GitHub Exploit DB Packet Storm
252440 5 警告 MediaWiki - MediaWiki における制限されているすべてのページのタイトルを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4360 2012-01-11 11:15 2011-11-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208701 7.8 HIGH
Local 		163 netease_mail_master Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-24161 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208702 7.8 HIGH
Local 		tencent tim Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-24160 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208703 7.8 HIGH
Local 		163 netease_youdao_dictionary NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can be exploited by attackers to gain server permissions. This affects Guangzhou NetEase Youdao Dictionary 8.9.2.0. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-24159 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208704 7.8 HIGH
Local 		360 speed_browser 360 Speed Browser 12.0.1247.0 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. It is a dual-core browser owned by Beijing Qihoo Technology. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-24158 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208705 6.1 MEDIUM
Network 		xuxueli xxl-job Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) AppName and (2)AddressList parameter in JobGroupController.… CWE-79
Cross-site Scripting 		CVE-2020-23814 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208706 7.5 HIGH
Network 		xuxueli xxl-job xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controller/UserController.java. NVD-CWE-noinfo
CVE-2020-23811 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208707 5.5 MEDIUM
Local 		midnightbsd
freebsd 		midnightbsd
freebsd 		In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. Duri… CWE-476
 NULL Pointer Dereference 		CVE-2020-24385 2024-11-21 14:14 2020-09-4 Show GitHub Exploit DB Packet Storm
208708 6.1 MEDIUM
Network 		golang
fedoraproject
opensuse
oracle 		go
fedora
leap
communications_cloud_native_core_policy 		Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header. CWE-79
Cross-site Scripting 		CVE-2020-24553 2024-11-21 14:14 2020-09-3 Show GitHub Exploit DB Packet Storm
208709 9.8 CRITICAL
Network 		forlogic qualiex ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. CWE-672
 Operation on a Resource after Expiration or Release 		CVE-2020-24030 2024-11-21 14:14 2020-09-3 Show GitHub Exploit DB Packet Storm
208710 9.8 CRITICAL
Network 		forlogic qualiex Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. CWE-287
Improper Authentication 		CVE-2020-24029 2024-11-21 14:14 2020-09-3 Show GitHub Exploit DB Packet Storm