Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252861 4.9 警告 オラクル - Oracle Solaris における GigaSwift Ethernet ドライバの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-2386 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
252862 5.6 警告 オラクル - Oracle Solaris における ZFS の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-2392 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
252863 6.2 警告 オラクル - Oracle Solaris における rdist の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-0916 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
252864 7.5 危険 OpenBSD
FreeBSD
オラクル
NetBSD		 - 複数の製品の ftpd におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-4247 2010-08-3 19:19 2008-09-25 Show GitHub Exploit DB Packet Storm
252865 7.5 危険 ターボリナックス
MySQL AB		 - MySQL で使用される yaSSL における複数のスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4484 2010-08-3 18:59 2009-12-30 Show GitHub Exploit DB Packet Storm
252866 2.1 注意 オラクル - Oracle Database Server の Export コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0901 2010-08-2 19:32 2010-07-13 Show GitHub Exploit DB Packet Storm
252867 2.6 注意 オラクル - Windows 上で稼働する Oracle Database Server の Network Layer コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0900 2010-08-2 19:32 2010-07-13 Show GitHub Exploit DB Packet Storm
252868 4.3 警告 オラクル - Oracle Database Server の Application Express コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0892 2010-08-2 19:32 2010-07-13 Show GitHub Exploit DB Packet Storm
252869 6 警告 オラクル - Oracle Database Server の Oracle OLAP コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0902 2010-08-2 19:31 2010-07-13 Show GitHub Exploit DB Packet Storm
252870 7.8 危険 オラクル - Windows 上で稼働する Oracle Database Server の Net Foundation Layer コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0903 2010-08-2 19:31 2010-07-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198411 9.8 CRITICAL
Network 		clusterlabs hawk An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout rout… CWE-78
OS Command  		CVE-2020-35458 2024-11-21 14:27 2021-01-13 Show GitHub Exploit DB Packet Storm
198412 5.4 MEDIUM
Network 		python
fedoraproject 		pillow
fedora 		In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. CWE-125
Out-of-bounds Read 		CVE-2020-35655 2024-11-21 14:27 2021-01-12 Show GitHub Exploit DB Packet Storm
198413 8.8 HIGH
Network 		python
fedoraproject 		pillow
fedora 		In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. CWE-787
 Out-of-bounds Write 		CVE-2020-35654 2024-11-21 14:27 2021-01-12 Show GitHub Exploit DB Packet Storm
198414 7.1 HIGH
Network 		python
fedoraproject
debian 		pillow
fedora
debian_linux 		In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations. CWE-125
Out-of-bounds Read 		CVE-2020-35653 2024-11-21 14:27 2021-01-12 Show GitHub Exploit DB Packet Storm
198415 8.8 HIGH
Network 		cacti
fedoraproject 		cacti
fedora 		An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id paramete… CWE-89
SQL Injection 		CVE-2020-35701 2024-11-21 14:27 2021-01-12 Show GitHub Exploit DB Packet Storm
198416 7.8 HIGH
Local 		anydesk anydesk AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a … CWE-427
 Uncontrolled Search Path Element 		CVE-2020-35483 2024-11-21 14:27 2021-01-12 Show GitHub Exploit DB Packet Storm
198417 5.4 MEDIUM
Network 		quest policy_authority_for_unified_communications Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOT… CWE-79
Cross-site Scripting 		CVE-2020-35727 2024-11-21 14:27 2021-01-11 Show GitHub Exploit DB Packet Storm
198418 6.1 MEDIUM
Network 		quest policy_authority_for_unified_communications Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Reports/index.jsp file via … CWE-79
Cross-site Scripting 		CVE-2020-35726 2024-11-21 14:27 2021-01-11 Show GitHub Exploit DB Packet Storm
198419 6.1 MEDIUM
Network 		quest policy_authority_for_unified_communications Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/index.jsp file via the msg parameter. NO… CWE-79
Cross-site Scripting 		CVE-2020-35725 2024-11-21 14:27 2021-01-11 Show GitHub Exploit DB Packet Storm
198420 5.4 MEDIUM
Network 		quest policy_authority_for_unified_communications Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the Error.jsp file via the err parameter (or indire… CWE-79
Cross-site Scripting 		CVE-2020-35724 2024-11-21 14:27 2021-01-11 Show GitHub Exploit DB Packet Storm