Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252831 9.3 危険 マイクロソフト - Microsoft Windows Movie Maker および Microsoft Producer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0265 2010-03-19 10:27 2010-03-9 Show GitHub Exploit DB Packet Storm
252832 8.5 危険 Samba Project - Samba の smbd におけるファイルパーミッションを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0728 2010-03-18 12:09 2010-03-10 Show GitHub Exploit DB Packet Storm
252833 7.2 危険 IBM - IBM AIX および VIOS の qosmod におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0960 2010-03-18 12:09 2010-03-5 Show GitHub Exploit DB Packet Storm
252834 7.2 危険 IBM - IBM AIX および VIOS の qoslist におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0961 2010-03-18 12:09 2010-03-5 Show GitHub Exploit DB Packet Storm
252835 9 危険 マイクロソフト - Microsoft Virtual PC の VMM におけるゲスト OS 内で任意のカーネルモードコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1542 2010-03-17 12:18 2009-07-14 Show GitHub Exploit DB Packet Storm
252836 6.8 警告 IBM - IBM Lotus Domino Web Access におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-0921 2010-03-16 11:15 2010-03-3 Show GitHub Exploit DB Packet Storm
252837 4.3 警告 IBM - IBM Lotus Domino Web Access におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0920 2010-03-16 11:14 2010-03-3 Show GitHub Exploit DB Packet Storm
252838 10 危険 IBM - IBM Lotus Domino Web Access の UltraLite 機能における脆弱性 CWE-noinfo
情報不足 		CVE-2010-0918 2010-03-16 11:14 2010-03-3 Show GitHub Exploit DB Packet Storm
252839 4.9 警告 サイバートラスト株式会社
レッドハット
SystemTap		 - SystemTap の _get_argv および _get_compat_argv 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2010-0411 2010-03-16 11:14 2010-02-8 Show GitHub Exploit DB Packet Storm
252840 10 危険 サイバートラスト株式会社
レッドハット
SystemTap		 - SystemTap の stap-server における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4273 2010-03-16 11:14 2010-01-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199561 6.1 MEDIUM
Network 		online_examination_system_project online_examination_system Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php. CWE-79
Cross-site Scripting 		CVE-2020-29257 2024-11-21 14:23 2020-12-10 Show GitHub Exploit DB Packet Storm
199562 7.5 HIGH
Network 		plummac ik-401_firmware An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credenti… CWE-306
Missing Authentication for Critical Function 		CVE-2020-28946 2024-11-21 14:23 2020-12-9 Show GitHub Exploit DB Packet Storm
199563 5.5 MEDIUM
Local 		nlnetlabs
debian 		unbound
name_server_daemon
debian_linux 		NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing … CWE-59
Link Following 		CVE-2020-28935 2024-11-21 14:23 2020-12-8 Show GitHub Exploit DB Packet Storm
199564 6.1 MEDIUM
Network 		seeddms seeddms Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. CWE-79
Cross-site Scripting 		CVE-2020-28727 2024-11-21 14:23 2020-12-7 Show GitHub Exploit DB Packet Storm
199565 7.8 HIGH
Local 		kaspersky anti-ransomware_tool The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-28950 2024-11-21 14:23 2020-12-5 Show GitHub Exploit DB Packet Storm
199566 5.5 MEDIUM
Local 		qemu
debian 		qemu
debian_linux 		hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-28916 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199567 2.7 LOW
Network 		lightbend play_framework An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior … NVD-CWE-Other
CVE-2020-28923 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199568 7.2 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28939 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199569 5.4 MEDIUM
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. CWE-79
Cross-site Scripting 		CVE-2020-28938 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199570 7.5 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Prot… CWE-306
CWE-425
Missing Authentication for Critical Function
 Direct Request ('Forced Browsing') 		CVE-2020-28937 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm