Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252661	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-Other その他	CVE-2011-1225	2011-05-9 12:01	2011-04-12	Show	GitHub Exploit DB Packet Storm

252662	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-Other その他	CVE-2011-0677	2011-05-9 11:59	2011-04-12	Show	GitHub Exploit DB Packet Storm

252663	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-Other その他	CVE-2011-0676	2011-05-9 11:57	2011-04-12	Show	GitHub Exploit DB Packet Storm

252664	7.2	危険	マイクロソフト	-	Microsoft Windows XP の win32k.sys における権限昇格の脆弱性	CWE-Other その他	CVE-2011-0673	2011-05-9 11:56	2011-04-12	Show	GitHub Exploit DB Packet Storm

252665	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1242	2011-05-9 11:55	2011-04-12	Show	GitHub Exploit DB Packet Storm

252666	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1241	2011-05-9 11:53	2011-04-12	Show	GitHub Exploit DB Packet Storm

252667	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1240	2011-05-9 11:52	2011-04-12	Show	GitHub Exploit DB Packet Storm

252668	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1239	2011-05-9 11:51	2011-04-12	Show	GitHub Exploit DB Packet Storm

252669	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1238	2011-05-9 11:50	2011-04-12	Show	GitHub Exploit DB Packet Storm

252670	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1237	2011-05-9 11:49	2011-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209531	6.5	MEDIUM Network	gogs	gogs	In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not the owner of the email" check.	CWE-281 Improper Preservation of Permissions	CVE-2020-14958	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

209532	5.9	MEDIUM Network	mutt debian neomutt fedoraproject canonical opensuse	mutt debian_linux neomutt fedora ubuntu_linux leap	Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g.,…	CWE-74 Injection	CVE-2020-14954	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

209533	8.8	HIGH Network	aapanel	aapanel	aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setti…	CWE-78 OS Command	CVE-2020-14950	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

209534	9.8	CRITICAL Network	tendenci	tendenci	Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.	CWE-502 Deserialization of Untrusted Data	CVE-2020-14942	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

209535	8.8	HIGH Network	squirrelmail	squirrelmail	compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object…	CWE-502 Deserialization of Untrusted Data	CVE-2020-14933	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

209536	9.8	CRITICAL Network	squirrelmail	squirrelmail	compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.	CWE-502 Deserialization of Untrusted Data	CVE-2020-14932	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

209537	9.8	CRITICAL Network	dmitry_project	dmitry	A stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) 1.3a might allow remote WHOIS servers to execute arbitrary code via a long line in a response that is mishandled by nic_…	CWE-787 Out-of-bounds Write	CVE-2020-14931	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

209538	8.1	HIGH Network	bt_ctroms_terminal_project	bt_ctroms_terminal	An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp req…	CWE-319 CWE-522 Cleartext Transmission of Sensitive Information Insufficiently Protected Credentials	CVE-2020-14930	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

209539	7.5	HIGH Network	alpine_project fedoraproject debian	alpine fedora debian_linux	Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the…	NVD-CWE-Other	CVE-2020-14929	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

209540	4.8	MEDIUM Network	naviwebs	navigate_cms	Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen.	CWE-79 Cross-site Scripting	CVE-2020-14927	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm