Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253131	7.5	危険	Google	-	Google Chrome の WebGL 実装におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-119 バッファエラー	CVE-2011-3052	2012-03-27 13:58	2012-03-21	Show	GitHub Exploit DB Packet Storm

253132	7.5	危険	Google	-	Google Chrome の Cascading Style Sheets 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3051	2012-03-27 13:57	2012-03-21	Show	GitHub Exploit DB Packet Storm

253133	6.8	警告	Google	-	Google Chrome で使用される libpng の pngrutil.c における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2011-3045	2012-03-27 13:53	2012-03-21	Show	GitHub Exploit DB Packet Storm

253134	6.4	警告	日本電気 IBM 富士通サイバートラスト株式会社 NTP Project サン・マイクロシステムズヒューレット・パッカードインターネットイニシアティブオラクルレッドハット	-	NTP におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2009-3563	2012-03-27 11:37	2009-12-9	Show	GitHub Exploit DB Packet Storm

253135	6.8	警告	アップルサイバートラスト株式会社 NTP Project ヒューレット・パッカードターボリナックスオラクル VMware レッドハット	-	NTP の ntpq における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-0159	2012-03-27 11:35	2009-04-14	Show	GitHub Exploit DB Packet Storm

253136	5	警告	アップルサイバートラスト株式会社レッドハットオラクル NTP Project	-	NTP における証明書チェーンの有効性を回避される脆弱性	CWE-287 不適切な認証	CVE-2009-0021	2012-03-27 11:01	2009-01-7	Show	GitHub Exploit DB Packet Storm

253137	5	警告	アップルサイバートラスト株式会社 PNG Development Group オラクル VMware レッドハット	-	libpng に含まれる pngrutil.c におけるメモリリークの脆弱性	CWE-399 リソース管理の問題	CVE-2010-2249	2012-03-27 10:32	2010-06-26	Show	GitHub Exploit DB Packet Storm

253138	7.5	危険	アップルサイバートラスト株式会社 Mozilla Foundation PNG Development Group オラクル VMware フェンリル株式会社レッドハット	-	libpng に脆弱性	CWE-119 バッファエラー	CVE-2010-1205	2012-03-27 10:29	2010-07-6	Show	GitHub Exploit DB Packet Storm

253139	7.8	危険	アップルサイバートラスト株式会社 PNG Development Group Lunascape オラクル VMware フェンリル株式会社レッドハット	-	libpng における圧縮された補助チャンクの処理に脆弱性	CWE-399 リソース管理の問題	CVE-2010-0205	2012-03-27 10:22	2010-03-4	Show	GitHub Exploit DB Packet Storm

253140	7.5	危険	クアンタムデル IBM	-	複数のテープライブラリ製品におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-1844	2012-03-26 18:12	2012-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219401	6.1	MEDIUM Network	glpi-project	glpi	In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6.	CWE-601 Open Redirect	CVE-2020-11034	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

219402	7.2	HIGH Network	glpi-project	glpi	In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6.	CWE-89 SQL Injection	CVE-2020-11032	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

219403	6.5	MEDIUM Network	zohocorp	manageengine_desktop_central	Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.	CWE-22 Path Traversal	CVE-2020-10859	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

219404	7.2	HIGH Network	glpi-project fedoraproject	glpi fedora	In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All ap…	CWE-200 Information Exposure	CVE-2020-11033	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

219405	4.8	MEDIUM Network	requarks	wiki.js	In Wiki.js before 2.3.81, there is a stored XSS in the Markdown editor. An editor with write access to a page, using the Markdown editor, could inject an XSS payload into the content. If another edit…	CWE-79 Cross-site Scripting	CVE-2020-11051	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

219406	5.3	MEDIUM Network	ruby-lang fedoraproject debian	ruby fedora debian_linux	An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buff…	CWE-908 Use of Uninitialized Resource	CVE-2020-10933	2024-11-21 13:56	2020-05-5	Show	GitHub Exploit DB Packet Storm

219407	7.5	HIGH Network	oklok_project	oklok	The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwor…	CWE-613 CWE-307 Insufficient Session Expiration mproper Restriction of Excessive Authentication Attempts	CVE-2020-10876	2024-11-21 13:56	2020-05-4	Show	GitHub Exploit DB Packet Storm

219408	4.7	MEDIUM Local	torchbox	wagtail	In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password …	CWE-362 Race Condition	CVE-2020-11037	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219409	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the…	CWE-79 Cross-site Scripting	CVE-2020-11030	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219410	6.1	MEDIUM Network	debian wordpress	debian_linux wordpress	In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version …	CWE-79 Cross-site Scripting	CVE-2020-11029	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm