Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252441	5	警告	アップル	-	Apple Mac OS X の AFP Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-1828	2010-11-25 15:17	2010-11-15	Show	GitHub Exploit DB Packet Storm

252442	4.3	警告	アップル	-	Apple Mac OS X の Time Machine における重要な情報を取得される脆弱性	CWE-DesignError	CVE-2010-1803	2010-11-25 15:16	2010-11-15	Show	GitHub Exploit DB Packet Storm

252443	7.5	危険	アップル	-	Apple Mac OS X の OpenSSL における X.509 証明書の認証を回避される脆弱性	CWE-310 暗号の問題	CVE-2010-1378	2010-11-25 15:15	2010-11-12	Show	GitHub Exploit DB Packet Storm

252444	4.9	警告	アップル	-	Apple Mac OS X の hfs 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2010-0105	2010-11-25 15:15	2010-04-27	Show	GitHub Exploit DB Packet Storm

252445	9.3	危険	アップルアドビシステムズレッドハット	-	Adobe Flash の ActionScript の処理に脆弱性	CWE-94 コード・インジェクション	CVE-2010-0209	2010-11-25 15:14	2010-08-11	Show	GitHub Exploit DB Packet Storm

252446	9.3	危険	アップルアドビシステムズターボリナックスレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-399 CWE-noinfo	CVE-2009-3793	2010-11-25 15:13	2010-06-10	Show	GitHub Exploit DB Packet Storm

252447	6.8	警告	アップル GNU Project ターボリナックスサイバートラスト株式会社レッドハット	-	GNU gzip における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-0001	2010-11-25 15:12	2010-01-29	Show	GitHub Exploit DB Packet Storm

252448	2.6	注意	アップルサン・マイクロシステムズ Apache Software Foundation	-	Apache HTTP Server 用 mod_perl の Status.pm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0796	2010-11-25 15:12	2009-04-7	Show	GitHub Exploit DB Packet Storm

252449	6.8	警告	アップルサイバートラスト株式会社 WebDAV レッドハット	-	neon における X.509 証明書の処理に関する任意の SSL サーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2009-2474	2010-11-25 15:11	2009-08-18	Show	GitHub Exploit DB Packet Storm

252450	4.3	警告	アップルサイバートラスト株式会社 WebDAV レッドハット	-	neon におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-2473	2010-11-25 15:11	2009-08-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210131	9.8	CRITICAL Network	3xlogic	infinias_eidc32_firmware infinias_eidc32_web	3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.	CWE-287 CWE-319 Improper Authentication Cleartext Transmission of Sensitive Information	CVE-2020-11542	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210132	5.5	MEDIUM Local	ivanti	workspace_control	Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).	NVD-CWE-noinfo	CVE-2020-11533	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210133	6.1	MEDIUM Network	getgrav	grav	Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.	CWE-601 Open Redirect	CVE-2020-11529	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210134	7.5	HIGH Network	bit2spr_project	bit2spr	bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.	CWE-787 Out-of-bounds Write	CVE-2020-11528	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210135	7.5	HIGH Network	zohocorp	manageengine_opmanager	In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.	NVD-CWE-noinfo	CVE-2020-11527	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210136	9.8	CRITICAL Network	zohocorp	manageengine_adselfservice_plus	Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.	NVD-CWE-noinfo	CVE-2020-11518	2024-11-21 13:58	2020-04-4	Show	GitHub Exploit DB Packet Storm

210137	7.4	HIGH Network	gnu debian opensuse canonical fedoraproject	gnutls debian_linux leap ubuntu_linux fedora	GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' by…	CWE-330 Use of Insufficiently Random Values	CVE-2020-11501	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

210138	7.5	HIGH Network	zoom	meetings	Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key.	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-11500	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

210139	6.1	MEDIUM Network	firmware_analysis_and_comparison_tool_project	firmware_analysis_and_comparison_tool	Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFuncti…	CWE-79 Cross-site Scripting	CVE-2020-11499	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

210140	8.8	HIGH Network	slack	nebula	Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can…	CWE-22 Path Traversal	CVE-2020-11498	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm