Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252961 9.3 危険 マイクロソフト - Microsoft Internet Explorer において任意のコードが実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0249 2010-02-19 14:21 2010-01-15 Show GitHub Exploit DB Packet Storm
252962 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0227 2010-02-19 11:37 2008-01-10 Show GitHub Exploit DB Packet Storm
252963 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL における複数のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0226 2010-02-19 11:32 2008-01-10 Show GitHub Exploit DB Packet Storm
252964 7.5 危険 Linux
レッドハット		 - Linux kernel の do_coredump 関数における任意のファイルを改ざんされる脆弱性 - CVE-2006-6304 2010-02-18 14:28 2006-12-14 Show GitHub Exploit DB Packet Storm
252965 7.8 危険 Linux
レッドハット		 - Linux kernel の net/ipv4/route.c 用の特定のレッドハットパッチにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4272 2010-02-18 14:28 2010-01-19 Show GitHub Exploit DB Packet Storm
252966 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4248 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
252967 9.3 危険 リアルネットワークス - Realnetworks RealPlayer における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4246 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
252968 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer の smlrender.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4257 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
252969 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4245 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
252970 9.3 危険 リアルネットワークス - Realnetworks RealPlayer における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4244 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199471 5.3 MEDIUM
Network 		secomea gatemanager_4250_firmware
gatemanager_4260_firmware
gatemanager_9250_firmware
gatemanager_8250_firmware 		Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior… NVD-CWE-noinfo
CVE-2020-29022 2024-11-21 14:23 2021-02-17 Show GitHub Exploit DB Packet Storm
199472 7.2 HIGH
Network 		open-emr openemr A SQL injection vulnerability in interface/reports/non_reported.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter. CWE-89
SQL Injection 		CVE-2020-29143 2024-11-21 14:23 2021-02-16 Show GitHub Exploit DB Packet Storm
199473 7.2 HIGH
Network 		open-emr openemr A SQL injection vulnerability in interface/reports/immunization_report.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code paramet… CWE-89
SQL Injection 		CVE-2020-29140 2024-11-21 14:23 2021-02-16 Show GitHub Exploit DB Packet Storm
199474 7.2 HIGH
Network 		open-emr openemr A SQL injection vulnerability in interface/main/finder/patient_select.php from library/patient.inc in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands v… CWE-89
SQL Injection 		CVE-2020-29139 2024-11-21 14:23 2021-02-16 Show GitHub Exploit DB Packet Storm
199475 7.2 HIGH
Network 		open-emr openemr A SQL injection vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the schedule_facility p… CWE-89
SQL Injection 		CVE-2020-29142 2024-11-21 14:23 2021-02-16 Show GitHub Exploit DB Packet Storm
199476 8.1 HIGH
Network 		secomea gatemanager_8250_firmware
gatemanager_4250_firmware
gatemanager_4260_firmware
gatemanager_9250_firmware 		An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via… CWE-269
 Improper Privilege Management 		CVE-2020-29031 2024-11-21 14:23 2021-02-16 Show GitHub Exploit DB Packet Storm
199477 6.5 MEDIUM
Network 		secomea gatemanager_8250_firmware
gatemanager_4250_firmware
gatemanager_4260_firmware
gatemanager_9250_firmware 		A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in th… CWE-22
Path Traversal 		CVE-2020-29026 2024-11-21 14:23 2021-02-16 Show GitHub Exploit DB Packet Storm
199478 6.1 MEDIUM
Network 		tipsandtricks-hq wp_security_\&_firewall Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) plugin before 4.4.6 … CWE-79
Cross-site Scripting 		CVE-2020-29171 2024-11-21 14:23 2021-02-11 Show GitHub Exploit DB Packet Storm
199479 9.8 CRITICAL
Network 		monitorr monitorr Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28871 2024-11-21 14:23 2021-02-10 Show GitHub Exploit DB Packet Storm
199480 9.8 CRITICAL
Network 		inoideas inoerp In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to lack of validations in /modules/sys/form_personalization/json_fp.php. CWE-94
CWE-20
Code Injection
 Improper Input Validation  		CVE-2020-28870 2024-11-21 14:23 2021-02-10 Show GitHub Exploit DB Packet Storm