Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252621 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2748 2010-10-26 15:33 2010-10-12 Show GitHub Exploit DB Packet Storm
252622 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2747 2010-10-26 15:32 2010-10-12 Show GitHub Exploit DB Packet Storm
252623 7.2 危険 マイクロソフト - 複数の Microsoft 製品の OpenType Font フォーマットドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2741 2010-10-26 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
252624 7.2 危険 マイクロソフト - 複数の Microsoft 製品の OpenType Font フォーマットドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2740 2010-10-26 15:29 2010-10-12 Show GitHub Exploit DB Packet Storm
252625 7.2 危険 マイクロソフト - 複数の Microsoft 製品のカーネルモードドライバにおける権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2744 2010-10-26 15:28 2010-10-12 Show GitHub Exploit DB Packet Storm
252626 4.9 警告 マイクロソフト - 複数の Microsoft 製品のカーネルモードドライバにおける権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2549 2010-10-26 15:28 2010-10-12 Show GitHub Exploit DB Packet Storm
252627 6.5 警告 IBM - Linux 上で稼働する IBM DB2 におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0462 2010-10-26 15:24 2010-01-28 Show GitHub Exploit DB Packet Storm
252628 9.3 危険 マイクロソフト - 64-bit プラットフォーム上で稼働している Microsoft .NET Framework の JIT コンパイラにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3228 2010-10-25 16:37 2010-10-12 Show GitHub Exploit DB Packet Storm
252629 9.3 危険 マイクロソフト - 複数の Microsoft 製品の Embedded OpenType Font Engine における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1883 2010-10-25 16:37 2010-10-12 Show GitHub Exploit DB Packet Storm
252630 7.6 危険 マイクロソフト - 複数の Microsoft 製品の Media Player Network Sharing Service における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3225 2010-10-25 16:36 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199781 7.5 HIGH
Network 		wayang-cms_project wayang-cms A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information. CWE-89
SQL Injection 		CVE-2020-29147 2024-11-21 14:23 2021-07-15 Show GitHub Exploit DB Packet Storm
199782 6.1 MEDIUM
Network 		wayang-cms_project wayang-cms A cross site scripting (XSS) vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For fi… CWE-79
Cross-site Scripting 		CVE-2020-29146 2024-11-21 14:23 2021-07-15 Show GitHub Exploit DB Packet Storm
199783 5.3 MEDIUM
Network 		fortinet fortisandbox A concurrent execution using shared resource with improper synchronization ('race condition') in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system… CWE-362
Race Condition 		CVE-2020-29014 2024-11-21 14:23 2021-07-10 Show GitHub Exploit DB Packet Storm
199784 5.4 MEDIUM
Network 		razormist employee_management_system A Cross Site Scripting in SourceCodester Employee Management System 1.0 allows the user to execute alert messages via /Employee Management System/addemp.php on admin account. CWE-79
Cross-site Scripting 		CVE-2020-29215 2024-11-21 14:23 2021-06-16 Show GitHub Exploit DB Packet Storm
199785 9.8 CRITICAL
Network 		alumni_management_system_project alumni_management_system SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php. CWE-89
SQL Injection 		CVE-2020-29214 2024-11-21 14:23 2021-06-16 Show GitHub Exploit DB Packet Storm
199786 6.5 MEDIUM
Network 		nightowlsp smart_doorbell_firmware Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an exposed PNS server. A remote attacker… CWE-294
Authentication Bypass by Capture-replay  		CVE-2020-28713 2024-11-21 14:23 2021-06-9 Show GitHub Exploit DB Packet Storm
199787 7.5 HIGH
Network 		dlink dir-895l_mfc_firmware The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmw… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-29324 2024-11-21 14:23 2021-06-5 Show GitHub Exploit DB Packet Storm
199788 7.5 HIGH
Network 		dlink dir-885l-mfc_firmware The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to… CWE-798
CWE-522
 Use of Hard-coded Credentials
 Insufficiently Protected Credentials 		CVE-2020-29323 2024-11-21 14:23 2021-06-5 Show GitHub Exploit DB Packet Storm
199789 7.5 HIGH
Network 		dlink dir-880l_firmware The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and… CWE-798
CWE-522
 Use of Hard-coded Credentials
 Insufficiently Protected Credentials 		CVE-2020-29322 2024-11-21 14:23 2021-06-5 Show GitHub Exploit DB Packet Storm
199790 7.5 HIGH
Network 		dlink dir-868l_firmware The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and… CWE-798
CWE-522
 Use of Hard-coded Credentials
 Insufficiently Protected Credentials 		CVE-2020-29321 2024-11-21 14:23 2021-06-5 Show GitHub Exploit DB Packet Storm