Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252531	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1236	2011-05-9 11:48	2011-04-12	Show	GitHub Exploit DB Packet Storm

252532	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1235	2011-05-9 11:46	2011-04-12	Show	GitHub Exploit DB Packet Storm

252533	6.8	警告	freedesktop.org サイバートラスト株式会社 foolabs OpenOffice.org Project レッドハット	-	xpdf および poppler などの製品で利用される PDF パーサの FoFiType1::parse 関数における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3704	2011-05-9 11:29	2010-10-7	Show	GitHub Exploit DB Packet Storm

252534	6.8	警告	freedesktop.org サイバートラスト株式会社 foolabs OpenOffice.org Project レッドハット	-	xpdf および poppler などの製品で利用される PDF パーサの Gfx::getPos 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-3702	2011-05-9 11:26	2010-10-7	Show	GitHub Exploit DB Packet Storm

252535	7.5	危険	サイバートラスト株式会社 The Perl Foundation レッドハットオラクル	-	Perl の Safe モジュールにおける任意のコードを挿入または実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1168	2011-05-9 11:13	2010-06-7	Show	GitHub Exploit DB Packet Storm

252536	9.3	危険	サン・マイクロシステムズサイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla NSS の正規表現の解析における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2404	2011-05-9 11:11	2009-08-1	Show	GitHub Exploit DB Packet Storm

252537	7.5	危険	アップルサイバートラスト株式会社 xmlsoft.org レッドハットオラクル	-	libxslt の pattern.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1767	2011-05-9 11:07	2008-05-21	Show	GitHub Exploit DB Packet Storm

252538	9.3	危険	レッドハット GNOME Project オラクル	-	Evolution の iCalendar 添付ファイルの処理に関するヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1109	2011-05-9 11:04	2008-06-4	Show	GitHub Exploit DB Packet Storm

252539	7.6	危険	レッドハット GNOME Project オラクル	-	Evolution のタイムゾーン処理に関するバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1108	2011-05-9 10:51	2008-06-4	Show	GitHub Exploit DB Packet Storm

252540	2.6	注意	レッドハットオラクル	-	gedit の不正なファイル名の処理によるフォーマットストリングの脆弱性	-	CVE-2005-1686	2011-05-9 10:49	2005-05-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196251	5.5	MEDIUM Local	huawei	taurus-al00b_firmware	Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user …	CWE-287 Improper Authentication	CVE-2020-9070	2024-11-21 14:39	2020-04-21	Show	GitHub Exploit DB Packet Storm

196252	7.8	HIGH Local	sierrawireless	mobile_broadband_driver_package	The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. An unprivileged u…	CWE-59 Link Following	CVE-2020-8948	2024-11-21 14:39	2020-04-16	Show	GitHub Exploit DB Packet Storm

196253	8.8	HIGH Network	wowza	streaming_engine	A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any read-only user to issue requests to the administration panel in order to change functi…	CWE-306 Missing Authentication for Critical Function	CVE-2020-9004	2024-11-21 14:39	2020-04-15	Show	GitHub Exploit DB Packet Storm

196254	5.4	MEDIUM Network	periscopeholdings	buyspeed	Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to store arbitrary JavaScript within the application. This JavaScript i…	CWE-79 Cross-site Scripting	CVE-2020-9056	2024-11-21 14:39	2020-04-11	Show	GitHub Exploit DB Packet Storm

196255	9.8	CRITICAL Network	avira	free_antivirus	An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to tu…	NVD-CWE-noinfo	CVE-2020-8961	2024-11-21 14:39	2020-04-10	Show	GitHub Exploit DB Packet Storm

196256	8.8	HIGH Network	argoproj	argo_cd	As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privil…	CWE-287 CWE-1188 Improper Authentication Insecure Default Initialization of Resource	CVE-2020-8828	2024-11-21 14:39	2020-04-9	Show	GitHub Exploit DB Packet Storm

196257	7.5	HIGH Network	argoproj	argo_cd	As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authenti…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-8827	2024-11-21 14:39	2020-04-9	Show	GitHub Exploit DB Packet Storm

196258	7.5	HIGH Network	argoproj	argo_cd	As of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication tokens, once issued, were usable forever without expiration—there was no refresh or forced re-authen…	CWE-384 Session Fixation	CVE-2020-8826	2024-11-21 14:39	2020-04-9	Show	GitHub Exploit DB Packet Storm

196259	5.5	MEDIUM Local	canonical netapp	ubuntu_linux cloud_backup steelstore_cloud_integrated_storage solidfire_\&_hci_management_node aff_8300_firmware aff_8700_firmware aff_a220_firmware aff_a320_firmware aff_…	The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discover…	CWE-200 Information Exposure	CVE-2020-8832	2024-11-21 14:39	2020-04-10	Show	GitHub Exploit DB Packet Storm

196260	6.5	MEDIUM Local	linux canonical opensuse	linux_kernel ubuntu_linux leap	KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of t…	CWE-362 Race Condition	CVE-2020-8834	2024-11-21 14:39	2020-04-10	Show	GitHub Exploit DB Packet Storm