Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253431	7.5	危険	アップルサイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	FreeType2 における一つずれエラーの脆弱性	CWE-189 数値処理の問題	CVE-2008-1808	2010-10-19 15:15	2008-06-17	Show	GitHub Exploit DB Packet Storm

253432	7.5	危険	アップルサイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	FreeType2 におけるメモリ破壊の脆弱性	CWE-189 数値処理の問題	CVE-2008-1807	2010-10-19 15:15	2008-06-17	Show	GitHub Exploit DB Packet Storm

253433	7.5	危険	アップルサイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	FreeType2 におけるヒープベースのバッファオーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2008-1806	2010-10-19 15:15	2008-06-17	Show	GitHub Exploit DB Packet Storm

253434	2.6	注意	The PHP Group サイバートラスト株式会社ターボリナックスレッドハット	-	PHP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5814	2010-10-19 15:14	2008-12-19	Show	GitHub Exploit DB Packet Storm

253435	9.3	危険	Google	-	Google Chrome の Gears プラグインにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2009-3932	2010-10-19 15:02	2009-11-5	Show	GitHub Exploit DB Packet Storm

253436	4.3	警告	Google	-	Google Chrome の src/webkit/glue/webframeloaderclient_impl.cc におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-3934	2010-10-19 15:02	2009-11-5	Show	GitHub Exploit DB Packet Storm

253437	9.3	危険	Google	-	Google Chrome のブラックリストにおける危険なファイルのダウンロードを強制される脆弱性	CWE-20 不適切な入力確認	CVE-2009-3931	2010-10-19 15:01	2009-11-5	Show	GitHub Exploit DB Packet Storm

253438	7.5	危険	Google	-	Google Chrome における X.509 証明書の処理に関する任意の SSL サーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2009-3456	2010-10-19 15:01	2009-09-29	Show	GitHub Exploit DB Packet Storm

253439	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-7246	2010-10-19 15:01	2008-09-8	Show	GitHub Exploit DB Packet Storm

253440	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3268	2010-10-19 15:00	2009-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209611	4.6	MEDIUM Physics	apexmic	apm32f103_firmware	The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.	CWE-755 Improper Handling of Exceptional Conditions	CVE-2020-13463	2024-11-21 14:01	2020-09-1	Show	GitHub Exploit DB Packet Storm

209612	6.1	MEDIUM Network	o-dyn	collabtive	An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user h…	CWE-79 Cross-site Scripting	CVE-2020-13655	2024-11-21 14:01	2020-09-1	Show	GitHub Exploit DB Packet Storm

209613	6.5	MEDIUM Adjacent	espressif	esp-idf	The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion …	CWE-617 Reachable Assertion	CVE-2020-13595	2024-11-21 14:01	2020-09-1	Show	GitHub Exploit DB Packet Storm

209614	6.5	MEDIUM Adjacent	espressif	esp-idf	The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on …	CWE-20 Improper Input Validation	CVE-2020-13594	2024-11-21 14:01	2020-09-1	Show	GitHub Exploit DB Packet Storm

209615	8.8	HIGH Adjacent	ti	simplelink-cc2640r2_software_development_kit	The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connectio…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2020-13593	2024-11-21 14:01	2020-09-1	Show	GitHub Exploit DB Packet Storm

209616	5.9	MEDIUM Network	mitel	micollab	The Mitel MiCollab application before 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS devi…	NVD-CWE-noinfo	CVE-2020-13767	2024-11-21 14:01	2020-08-27	Show	GitHub Exploit DB Packet Storm

209617	7.5	HIGH Network	mitel	6863_firmware 6865_firmware 6867_firmware 6869_firmware 6873_firmware 6940_firmware 6970_firmware 6930_firmware 6920_firmware 6905_firmware 6910_firmware	The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory han…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-13617	2024-11-21 14:01	2020-08-27	Show	GitHub Exploit DB Packet Storm

209618	5.4	MEDIUM Network	hivemq	broker_control_center	An issue was discovered in HiveMQ Broker Control Center 4.3.2. A crafted clientid parameter in an MQTT packet (sent to the Broker) is reflected in the client section of the management console. The at…	CWE-79 Cross-site Scripting	CVE-2020-13821	2024-11-21 14:01	2020-08-27	Show	GitHub Exploit DB Packet Storm

209619	7.5	HIGH Network	aedes_project	aedes	An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream.	CWE-755 Improper Handling of Exceptional Conditions	CVE-2020-13410	2024-11-21 14:01	2020-08-27	Show	GitHub Exploit DB Packet Storm

209620	8.8	HIGH Network	i-doit	i-doit	A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2020-13826	2024-11-21 14:01	2020-08-20	Show	GitHub Exploit DB Packet Storm