Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253101 6.8 警告 Django Software Foundation - Django の CSRF 保護メカニズムにおける認証されずに偽造されたリクエストを誘発される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-4140 2011-10-25 16:54 2011-09-9 Show GitHub Exploit DB Packet Storm
253102 5 警告 Django Software Foundation - Django におけるキャッシュポイズニング攻撃を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4139 2011-10-25 16:54 2011-09-9 Show GitHub Exploit DB Packet Storm
253103 5 警告 Django Software Foundation - Django の URLField 実装内にある verify_exists 機能における任意の GET リクエストを誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4138 2011-10-25 16:53 2011-09-9 Show GitHub Exploit DB Packet Storm
253104 5 警告 Django Software Foundation - Django の URLField 実装内にある verify_exists 機能におけるサービス運用妨害 (リソース消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4137 2011-10-25 16:53 2011-09-9 Show GitHub Exploit DB Packet Storm
253105 5.8 警告 Django Software Foundation - Django の django.contrib.sessions におけるセッションを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4136 2011-10-25 16:52 2011-09-9 Show GitHub Exploit DB Packet Storm
253106 4.3 警告 シスコシステムズ - Cisco TelePresence Video Communication Servers の管理インターフェイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3294 2011-10-25 16:50 2011-10-12 Show GitHub Exploit DB Packet Storm
253107 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-3162 2011-10-25 16:50 2011-10-18 Show GitHub Exploit DB Packet Storm
253108 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-3161 2011-10-25 16:49 2011-10-18 Show GitHub Exploit DB Packet Storm
253109 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-3160 2011-10-25 16:48 2011-10-18 Show GitHub Exploit DB Packet Storm
253110 10 危険 ヒューレット・パッカード - HP Data Protector における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-3159 2011-10-25 16:48 2011-10-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208661 5.5 MEDIUM
Local 		huawei honor_v30_firmware Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another applicati… CWE-287
Improper Authentication 		CVE-2020-1788 2024-11-21 14:11 2020-01-22 Show GitHub Exploit DB Packet Storm
208662 6.0 MEDIUM
Local 		huawei mate_20_firmware HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to… CWE-287
Improper Authentication 		CVE-2020-1840 2024-11-21 14:11 2020-01-22 Show GitHub Exploit DB Packet Storm
208663 7.5 HIGH
Network 		apache beam The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables t… CWE-295
Improper Certificate Validation  		CVE-2020-1929 2024-11-21 14:11 2020-01-16 Show GitHub Exploit DB Packet Storm
208664 4.3 MEDIUM
Network 		otrs
debian 		otrs
debian_linux 		Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that… NVD-CWE-Other
CVE-2020-1767 2024-11-21 14:11 2020-01-11 Show GitHub Exploit DB Packet Storm
208665 6.1 MEDIUM
Network 		otrs
debian 		otrs
debian_linux 		Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as… CWE-79
Cross-site Scripting 		CVE-2020-1766 2024-11-21 14:11 2020-01-11 Show GitHub Exploit DB Packet Storm
208666 5.3 MEDIUM
Network 		otrs
debian
opensuse 		otrs
debian_linux
leap
backports_sle 		An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue a… NVD-CWE-Other
CVE-2020-1765 2024-11-21 14:11 2020-01-11 Show GitHub Exploit DB Packet Storm
208667 7.5 HIGH
Network 		apache olingo Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to impleme… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-1925 2024-11-21 14:11 2020-01-10 Show GitHub Exploit DB Packet Storm
208668 5.3 MEDIUM
Network 		huawei cloudengine_12800_firmware
s5700_firmware
s6700_firmware 		There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attacker… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-1810 2024-11-21 14:11 2020-01-10 Show GitHub Exploit DB Packet Storm
208669 4.6 MEDIUM
Physics 		huawei mate_20_pro_firmware HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. The software does not sufficiently validate the name of apk file in a specia… CWE-287
Improper Authentication 		CVE-2020-1786 2024-11-21 14:11 2020-01-10 Show GitHub Exploit DB Packet Storm
208670 4.4 MEDIUM
Local 		huawei honor_magic2_firmware Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Due to a module using weak encryption tool, an attacker with the root perm… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-1826 2024-11-21 14:11 2020-01-10 Show GitHub Exploit DB Packet Storm