Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253761 9.3 危険 リアルネットワークス - RealNetworks RealPlayer の ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3747 2010-11-9 14:50 2010-10-15 Show GitHub Exploit DB Packet Storm
253762 9.3 危険 リアルネットワークス - RealNetworks RealPlayer における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2998 2010-11-9 14:50 2010-10-15 Show GitHub Exploit DB Packet Storm
253763 - - Artifex Software - Ghostscript にサービス運用妨害 (DoS) の脆弱性 - - 2010-11-9 14:46 2010-10-13 Show GitHub Exploit DB Packet Storm
253764 4 警告 IBM - IBM DB2 におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3475 2010-11-8 16:09 2010-08-5 Show GitHub Exploit DB Packet Storm
253765 5 警告 IBM - IBM DB2 におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3474 2010-11-8 16:08 2010-04-19 Show GitHub Exploit DB Packet Storm
253766 9.3 危険 ジャストシステム - 一太郎シリーズにおける任意のコードが実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3916 2010-11-5 15:02 2010-11-4 Show GitHub Exploit DB Packet Storm
253767 9.3 危険 ジャストシステム - 一太郎シリーズにおける任意のコードが実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3915 2010-11-5 15:01 2010-11-4 Show GitHub Exploit DB Packet Storm
253768 4.3 警告 IBM
Apache Software Foundation
アップル
サイバートラスト株式会社
富士通
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
レッドハット		 - Apache の mod_proxy_ftp モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2939 2010-11-4 15:35 2008-08-6 Show GitHub Exploit DB Packet Storm
253769 1.9 注意 オラクル - Oracle Solaris および OpenSolaris における USB の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3542 2010-11-4 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
253770 2.4 注意 オラクル - Oracle Solaris および OpenSolaris における Device Drivers の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3513 2010-11-4 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201351 7.5 HIGH
Network 		searchblox searchblox A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet… CWE-22
Path Traversal 		CVE-2020-35580 2024-11-21 14:27 2021-05-21 Show GitHub Exploit DB Packet Storm
201352 6.1 MEDIUM
Network 		kamalkhan kk_star_ratings Cross Site Scripting (XSS) vulnerability in the kk Star Ratings plugin before 4.1.5. CWE-79
Cross-site Scripting 		CVE-2020-35438 2024-11-21 14:27 2021-05-11 Show GitHub Exploit DB Packet Storm
201353 7.8 HIGH
Local 		linux
netapp 		linux_kernel
cloud_backup
solidfire_baseboard_management_controller_firmware
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_firmware
h700e_firmware
h410s… 		An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the sy… - CVE-2020-35519 2024-11-21 14:27 2021-05-7 Show GitHub Exploit DB Packet Storm
201354 9.8 CRITICAL
Network 		inxedu inxedu SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. CWE-89
SQL Injection 		CVE-2020-35430 2024-11-21 14:27 2021-04-30 Show GitHub Exploit DB Packet Storm
201355 5.4 MEDIUM
Network 		unisys data_exchange_management_studio Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack. CWE-79
Cross-site Scripting 		CVE-2020-35542 2024-11-21 14:27 2021-04-27 Show GitHub Exploit DB Packet Storm
201356 9.8 CRITICAL
Network 		wondercms wondercms A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary cod… CWE-78
OS Command  		CVE-2020-35314 2024-11-21 14:27 2021-04-21 Show GitHub Exploit DB Packet Storm
201357 9.8 CRITICAL
Network 		wondercms wondercms A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL t… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-35313 2024-11-21 14:27 2021-04-21 Show GitHub Exploit DB Packet Storm
201358 5.4 MEDIUM
Network 		monicahq monica Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal page. CWE-79
Cross-site Scripting 		CVE-2020-35660 2024-11-21 14:27 2021-04-15 Show GitHub Exploit DB Packet Storm
201359 6.1 MEDIUM
Network 		group-office group_office Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter. CWE-79
Cross-site Scripting 		CVE-2020-35419 2024-11-21 14:27 2021-04-15 Show GitHub Exploit DB Packet Storm
201360 5.4 MEDIUM
Network 		group-office group_office Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file. CWE-79
Cross-site Scripting 		CVE-2020-35418 2024-11-21 14:27 2021-04-15 Show GitHub Exploit DB Packet Storm