Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253761 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
253762 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
253763 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
253764 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
253765 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198481 7.5 HIGH
Network 		arc-swap_project arc-swap An issue has been discovered in the arc-swap crate before 0.4.8 (and 1.x before 1.1.0) for Rust. Use of arc_swap::access::Map with the Constant test helper (or with a user-supplied implementation of … NVD-CWE-noinfo
CVE-2020-35711 2024-11-21 14:27 2020-12-26 Show GitHub Exploit DB Packet Storm
198482 5.3 MEDIUM
Network 		parallels remote_application_server Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the… CWE-200
Information Exposure 		CVE-2020-35710 2024-11-21 14:27 2020-12-26 Show GitHub Exploit DB Packet Storm
198483 4.9 MEDIUM
Network 		bloofox bloofoxcms bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory t… CWE-22
Path Traversal 		CVE-2020-35709 2024-11-21 14:27 2020-12-26 Show GitHub Exploit DB Packet Storm
198484 7.2 HIGH
Network 		phplist phplist phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page. CWE-89
SQL Injection 		CVE-2020-35708 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm
198485 5.4 MEDIUM
Network 		daybydaycrm daybyday Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen. CWE-79
Cross-site Scripting 		CVE-2020-35707 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm
198486 5.4 MEDIUM
Network 		daybydaycrm daybyday Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen. CWE-79
Cross-site Scripting 		CVE-2020-35706 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm
198487 5.4 MEDIUM
Network 		daybydaycrm daybyday Daybyday 2.1.0 allows stored XSS via the Name parameter to the New User screen. CWE-79
Cross-site Scripting 		CVE-2020-35705 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm
198488 5.4 MEDIUM
Network 		daybydaycrm daybyday Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Lead screen. CWE-79
Cross-site Scripting 		CVE-2020-35704 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm
198489 7.8 HIGH
Local 		freedesktop poppler DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones … CWE-787
 Out-of-bounds Write 		CVE-2020-35702 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm
198490 8.8 HIGH
Adjacent 		google android On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without… NVD-CWE-noinfo
CVE-2020-35693 2024-11-21 14:27 2020-12-25 Show GitHub Exploit DB Packet Storm