Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253101	4	警告	MySQL AB	-	Oracle MySQL の storage/innobase/dict/dict0crea.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-3676	2011-02-7 14:34	2010-07-9	Show	GitHub Exploit DB Packet Storm

253102	7.5	危険	ヒューレット・パッカードサイバートラスト株式会社レッドハット	-	Hewlett-Packard Linux Imaging and Printing の hpmud_get_pml 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4267	2011-02-7 14:29	2011-01-17	Show	GitHub Exploit DB Packet Storm

253103	9.3	危険	アップル Google レッドハット	-	Apple Safari の WebKit における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1782	2011-02-4 14:38	2010-07-30	Show	GitHub Exploit DB Packet Storm

253104	4.3	警告	アップル Google レッドハット	-	Apple Safari および Google Chrome の WebKit における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3259	2011-02-4 14:37	2010-09-7	Show	GitHub Exploit DB Packet Storm

253105	9.3	危険	アップル Google レッドハット	-	Apple Safari および Google Chrome の WebKit における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-3257	2011-02-4 14:36	2010-09-7	Show	GitHub Exploit DB Packet Storm

253106	10	危険	アップル Google レッドハット	-	Apple Safari および Google Chrome の WebKit における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-3116	2011-02-4 14:34	2010-08-24	Show	GitHub Exploit DB Packet Storm

253107	9.3	危険	アップルレッドハット	-	Apple Safari の WebKit における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1807	2011-02-4 14:33	2010-09-7	Show	GitHub Exploit DB Packet Storm

253108	9.3	危険	アップルレッドハット	-	iPhone および iPod touch 上で稼動する Apple iOS の WebKit における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-1815	2011-02-4 14:32	2010-09-8	Show	GitHub Exploit DB Packet Storm

253109	9.3	危険	アップルレッドハット	-	iPhone および iPod touch 上で稼動する Apple iOS の WebKit における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1814	2011-02-4 14:30	2010-09-8	Show	GitHub Exploit DB Packet Storm

253110	9.3	危険	アップルレッドハット	-	iPhone および iPod touch 上で稼動する Apple iOS の WebKit における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-1812	2011-02-4 14:29	2010-09-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209481	8.8	HIGH Network	j2store	j2store	The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.	CWE-89 SQL Injection	CVE-2020-13996	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209482	5.4	MEDIUM Network	your_online_shop_project	your_online_shop	Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change Surname operation.	CWE-79 Cross-site Scripting	CVE-2020-13911	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209483	8.8	HIGH Adjacent	royalapps	royal_ts	Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-13872	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209484	5.4	MEDIUM Network	themeboy	sportspress	The SportsPress plugin before 2.7.2 for WordPress allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-13892	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209485	4.8	MEDIUM Network	opencart	opencart	OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists becau…	CWE-79 Cross-site Scripting	CVE-2020-13980	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209486	7.2	HIGH Network	monstra	monstra_cms	Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the …	CWE-78 OS Command	CVE-2020-13978	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209487	4.9	MEDIUM Network	nagios fedoraproject	nagios fedora	Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of t…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2020-13977	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209488	8.8	HIGH Network	dd-wrt	dd-wrt	An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation…	CWE-78 OS Command	CVE-2020-13976	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209489	7.8	HIGH Local	linux debian canonical	linux_kernel debian_linux ubuntu_linux	An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in th…	CWE-190 Integer Overflow or Wraparound	CVE-2020-13974	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209490	6.1	MEDIUM Network	owasp	json-sanitizer	OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls a substring of the input JSON, and controls another substring adjacent to a SCRIPT element in which the output is embedded as Ja…	CWE-79 Cross-site Scripting	CVE-2020-13973	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed