Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252821 4.3 警告 BST - BestShopPro の nowosci.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4812 2011-12-16 15:28 2011-12-14 Show GitHub Exploit DB Packet Storm
252822 7.5 危険 BST - BestShopPro の pokaz_podkat.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4811 2011-12-16 15:28 2011-12-14 Show GitHub Exploit DB Packet Storm
252823 5 警告 WHMCS Limited - WHMCS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4810 2011-12-16 15:27 2011-12-14 Show GitHub Exploit DB Packet Storm
252824 5 警告 phpAlbum - phpAlbum の main.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4807 2011-12-16 15:23 2011-12-14 Show GitHub Exploit DB Packet Storm
252825 4.3 警告 phpAlbum - phpAlbum の main.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4806 2011-12-16 15:20 2011-12-14 Show GitHub Exploit DB Packet Storm
252826 4.3 警告 SAP - SAP Crystal Report Server の pubDBLogon.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4805 2011-12-16 15:18 2011-12-14 Show GitHub Exploit DB Packet Storm
252827 7.5 危険 Authenex - ASAS Server 上の Authenex Web Management Control における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4801 2011-12-16 15:16 2011-09-16 Show GitHub Exploit DB Packet Storm
252828 9 危険 Rhino Software - Serv-U FTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4800 2011-12-16 15:15 2011-12-14 Show GitHub Exploit DB Packet Storm
252829 4.3 警告 マイクロソフト - Microsoft Internet Explorer におけるコンテンツを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2011-3404 2011-12-16 11:52 2011-12-13 Show GitHub Exploit DB Packet Storm
252830 9.3 危険 マイクロソフト - Windows 2008 および Windows 7 上で稼働する Microsoft Internet Explorer 9 における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-2019 2011-12-16 11:50 2011-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208561 7.5 HIGH
Network 		google tensorflow In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the direc… CWE-125
Out-of-bounds Read 		CVE-2020-26269 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208562 7.8 HIGH
Local 		google tensorflow In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation o… CWE-125
Out-of-bounds Read 		CVE-2020-26267 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208563 5.3 MEDIUM
Local 		google tensorflow In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default … CWE-908
 Use of Uninitialized Resource 		CVE-2020-26266 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208564 9.8 CRITICAL
Network 		askey ap5100w_firmware Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to t… CWE-521
Weak Password Requirements  		CVE-2020-26201 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208565 4.4 MEDIUM
Local 		google tensorflow In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor i… NVD-CWE-Other
CVE-2020-26268 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208566 8.8 HIGH
Network 		fastadmin fastadmin The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. CWE-74
Injection 		CVE-2020-25967 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208567 3.3 LOW
Local 		google tensorflow In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge … CWE-125
CWE-908
Out-of-bounds Read
 Use of Uninitialized Resource 		CVE-2020-26271 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
208568 5.4 MEDIUM
Network 		gitlab gitlab A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a m… CWE-79
Cross-site Scripting 		CVE-2020-26407 2024-11-21 14:19 2020-12-10 Show GitHub Exploit DB Packet Storm
208569 6.5 MEDIUM
Network 		matrix
fedoraproject 		synapse
fedora 		Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed e… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-26257 2024-11-21 14:19 2020-12-10 Show GitHub Exploit DB Packet Storm
208570 7.9 HIGH
Local 		jupyterhub systemdspawner jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are sp… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2020-26261 2024-11-21 14:19 2020-12-10 Show GitHub Exploit DB Packet Storm