Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252481	7.2	危険	マイクロソフト	-	Microsoft Windows XP の Trace Events 機能における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2011-0045	2011-03-7 14:49	2011-02-8	Show	GitHub Exploit DB Packet Storm

252482	7.2	危険	マイクロソフト	-	複数の Microsoft 製品の Local Security Authority Subsystem Service における権限昇格の脆弱性	CWE-287 不適切な認証	CVE-2011-0039	2011-03-7 14:47	2011-02-8	Show	GitHub Exploit DB Packet Storm

252483	6.8	警告	OTRS プロジェクト	-	OTRS における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0456	2011-03-7 12:02	2011-03-7	Show	GitHub Exploit DB Packet Storm

252484	7.1	危険	マイクロソフト	-	複数の Microsoft 製品の JScript および VBScript スクリプトエンジンにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-0031	2011-03-4 15:12	2011-02-8	Show	GitHub Exploit DB Packet Storm

252485	9.3	危険	マイクロソフト	-	Microsoft Visio の ELEMENTS.DLL における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-0093	2011-03-4 15:09	2011-02-8	Show	GitHub Exploit DB Packet Storm

252486	9.3	危険	マイクロソフト	-	Microsoft Visio の LZW ストリーム圧縮機能における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-0092	2011-03-4 15:06	2011-02-8	Show	GitHub Exploit DB Packet Storm

252487	5	警告	マイクロソフト	-	Windows Server 2003 上で稼働する Microsoft Active Directory におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0040	2011-03-4 15:02	2011-02-8	Show	GitHub Exploit DB Packet Storm

252488	9.3	危険	マイクロソフト	-	複数の Microsoft 製品の Windows OpenType Compact Font Format ドライバにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0033	2011-03-4 15:00	2011-02-8	Show	GitHub Exploit DB Packet Storm

252489	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 8 における権限昇格の脆弱性	CWE-Other その他	CVE-2011-0038	2011-03-4 14:53	2011-02-8	Show	GitHub Exploit DB Packet Storm

252490	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-0036	2011-03-4 14:50	2011-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209881	5.9	MEDIUM Network	pichi_project	pichi	The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.	CWE-295 Improper Certificate Validation	CVE-2020-13616	2024-11-21 14:01	2020-05-27	Show	GitHub Exploit DB Packet Storm

209882	5.9	MEDIUM Network	qore	qore	lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.	CWE-295 Improper Certificate Validation	CVE-2020-13615	2024-11-21 14:01	2020-05-27	Show	GitHub Exploit DB Packet Storm

209883	5.9	MEDIUM Network	axel_project fedoraproject opensuse	axel fedora leap backports_sle	An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.	CWE-295 Improper Certificate Validation	CVE-2020-13614	2024-11-21 14:01	2020-05-27	Show	GitHub Exploit DB Packet Storm

209884	4.8	MEDIUM Network	bbpress	bbpress	The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for al…	CWE-79 Cross-site Scripting	CVE-2020-13487	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm

209885	6.1	MEDIUM Network	verbb	knock_knock	The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.	CWE-601 Open Redirect	CVE-2020-13486	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm

209886	9.1	CRITICAL Network	verbb	knock_knock	The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.	CWE-697 Incorrect Comparison	CVE-2020-13485	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm

209887	7.4	HIGH Network	em-http-request_project fedoraproject	em-http-request fedora	EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certifi…	CWE-295 Improper Certificate Validation	CVE-2020-13482	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm

209888	5.4	MEDIUM Network	verbb	image_resizer	An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.	CWE-79 Cross-site Scripting	CVE-2020-13459	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm

209889	8.8	HIGH Network	verbb	image_resizer	An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.	CWE-352 Origin Validation Error	CVE-2020-13458	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm

209890	9.8	CRITICAL Network	dext5	dext5	A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-13442	2024-11-21 14:01	2020-05-26	Show	GitHub Exploit DB Packet Storm