Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252921 9.3 危険 アドビシステムズ - Adobe Shockwave Player における整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2010-2875 2010-09-13 15:44 2010-08-24 Show GitHub Exploit DB Packet Storm
252922 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2874 2010-09-13 15:44 2010-08-24 Show GitHub Exploit DB Packet Storm
252923 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2873 2010-09-13 15:43 2010-08-24 Show GitHub Exploit DB Packet Storm
252924 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2872 2010-09-10 15:17 2010-08-24 Show GitHub Exploit DB Packet Storm
252925 9.3 危険 アドビシステムズ - Adobe Shockwave Player の 3D オブジェクト関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-2871 2010-09-10 15:17 2010-08-24 Show GitHub Exploit DB Packet Storm
252926 9.3 危険 アドビシステムズ - Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-2870 2010-09-10 15:17 2010-08-24 Show GitHub Exploit DB Packet Storm
252927 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-2869 2010-09-10 15:16 2010-08-24 Show GitHub Exploit DB Packet Storm
252928 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-2868 2010-09-10 15:16 2010-08-24 Show GitHub Exploit DB Packet Storm
252929 4.3 警告 futomi - futomi's CGI Cafe 製高機能アクセス解析CGI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2366 2010-09-10 12:01 2010-09-10 Show GitHub Exploit DB Packet Storm
252930 9.3 危険 アドビシステムズ - Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-2867 2010-09-9 13:35 2010-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200471 5.4 MEDIUM
Network 		progress moveit_transfer In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, … CWE-79
Cross-site Scripting 		CVE-2020-28647 2024-11-21 14:23 2020-11-17 Show GitHub Exploit DB Packet Storm
200472 8.8 HIGH
Network 		horizontcms_project horizontcms An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28693 2024-11-21 14:23 2020-11-17 Show GitHub Exploit DB Packet Storm
200473 7.2 HIGH
Network 		gilacms gila_cms In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28692 2024-11-21 14:23 2020-11-17 Show GitHub Exploit DB Packet Storm
200474 7.5 HIGH
Network 		cloudavid pparam Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-28723 2024-11-21 14:23 2020-11-17 Show GitHub Exploit DB Packet Storm
200475 6.8 MEDIUM
Physics 		vw polo_firmware The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a me… CWE-354
 Improper Validation of Integrity Check Value 		CVE-2020-28656 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
200476 5.4 MEDIUM
Network 		wpbakery page_builder The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles. CWE-79
Cross-site Scripting 		CVE-2020-28650 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
200477 8.8 HIGH
Network 		orbisius child_theme_creator The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. CWE-352
 Origin Validation Error 		CVE-2020-28649 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
200478 8.8 HIGH
Network 		nagios nagios_xi Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. CWE-20
 Improper Input Validation  		CVE-2020-28648 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
200479 9.8 CRITICAL
Network 		infinitewp infinitewp In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks. CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2020-28642 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
200480 9.8 CRITICAL
Network 		dyne tomb ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb {W] Detected DISPLAY, but only … CWE-287
Improper Authentication 		CVE-2020-28638 2024-11-21 14:23 2020-11-14 Show GitHub Exploit DB Packet Storm