Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253441 4.3 警告 レッドハット - Red Hat JBoss Enterprise Application Platform の JMX Console におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3878 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
253442 4.3 警告 Mahara - Mahara の blocktype/groupviews/theme/raw/groupviews.tpl におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3871 2012-03-27 18:42 2010-11-9 Show GitHub Exploit DB Packet Storm
253443 4 警告 レッドハット - RHCS および Dogtag Certificate System における任意の認証番号を生成される脆弱性 CWE-310
暗号の問題 		CVE-2010-3869 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
253444 5.8 警告 レッドハット - RHCS および Dogtag Certificate System における PIN を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-3868 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
253445 2.6 注意 レッドハット - Red Hat JBoss Enterprise Application Platform および JBoss Enterprise Web Platform の Boss Remoting におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3862 2012-03-27 18:42 2010-12-8 Show GitHub Exploit DB Packet Storm
253446 6.4 警告 レッドハット - Red Hat Conga の Luciにおける repoze.who 認証をバイパスすることが容易になる脆弱性 CWE-287
不適切な認証 		CVE-2010-3852 2012-03-27 18:42 2010-11-2 Show GitHub Exploit DB Packet Storm
253447 4.9 警告 Linux - Linux kernel の ec_dev_ioctl 関数におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3850 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
253448 4.7 警告 Linux - Linux kernel の econet_sendmsg におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-399
CVE-2010-3849 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
253449 6.9 警告 Linux - Linux kernel の econet_sendmsg 関数におけるスタックベースのバッファーオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3848 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
253450 5.8 警告 Haxx - curl における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3842 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
207431 7.8 HIGH
Local 		nethack nethack In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects s… CWE-120
Classic Buffer Overflow 		CVE-2020-5210 2024-11-21 14:33 2020-01-29 Show GitHub Exploit DB Packet Storm
207432 7.8 HIGH
Local 		nethack nethack In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems th… CWE-120
Classic Buffer Overflow 		CVE-2020-5209 2024-11-21 14:33 2020-01-29 Show GitHub Exploit DB Packet Storm
207433 7.5 HIGH
Network 		jetbrains ktor In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. CWE-444
HTTP Request Smuggling 		CVE-2020-5207 2024-11-21 14:33 2020-01-28 Show GitHub Exploit DB Packet Storm
207434 5.3 MEDIUM
Network 		sylius syliusresourcebundle Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make… CWE-200
Information Exposure 		CVE-2020-5220 2024-11-21 14:33 2020-01-28 Show GitHub Exploit DB Packet Storm
207435 4.3 MEDIUM
Network 		sylius sylius Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to… CWE-444
HTTP Request Smuggling 		CVE-2020-5218 2024-11-21 14:33 2020-01-28 Show GitHub Exploit DB Packet Storm
207436 5.4 MEDIUM
Network 		simplesamlphp simplesamlphp Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script allows error reports to be submitted and sent to the system administrator. Starting with SimpleSAMLphp 1.18.… CWE-79
Cross-site Scripting 		CVE-2020-5226 2024-11-21 14:33 2020-01-25 Show GitHub Exploit DB Packet Storm
207437 5.4 MEDIUM
Network 		simplesamlphp simplesamlphp Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the r… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2020-5225 2024-11-21 14:33 2020-01-25 Show GitHub Exploit DB Packet Storm
207438 8.8 HIGH
Network 		django-user-sessions_project django-user-sessions In Django User Sessions (django-user-sessions) before 1.7.1, the views provided allow users to terminate specific sessions. The session key is used to identify sessions, and thus included in the rend… CWE-326
Inadequate Encryption Strength 		CVE-2020-5224 2024-11-21 14:33 2020-01-25 Show GitHub Exploit DB Packet Storm
207439 8.8 HIGH
Network 		peerigon angular-expressions Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. I… CWE-74
Injection 		CVE-2020-5219 2024-11-21 14:33 2020-01-25 Show GitHub Exploit DB Packet Storm
207440 5.8 MEDIUM
Network 		twitter secure_headers In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_s… CWE-74
Injection 		CVE-2020-5217 2024-11-21 14:33 2020-01-23 Show GitHub Exploit DB Packet Storm