Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253781	1.9	注意	Linux レッドハット	-	Linux kernel の Direct Rendering Manager サブシステムの drm_ioctl 関数における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-2803	2011-04-7 13:43	2010-08-26	Show	GitHub Exploit DB Packet Storm

253782	2.6	注意	アップル	-	Apple Safari のウインドウの機能における任意のローカルファイルが送信される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0169	2011-04-6 18:38	2011-03-11	Show	GitHub Exploit DB Packet Storm

253783	7.8	危険	アップル	-	複数の Apple 製品の Wi-Fi におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0162	2011-04-6 18:36	2011-03-11	Show	GitHub Exploit DB Packet Storm

253784	4.3	警告	アップル	-	Apple Safari のウインドウの機能における任意のローカルファイルが送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0167	2011-04-6 18:01	2011-03-11	Show	GitHub Exploit DB Packet Storm

253785	5.8	警告	アップル	-	Apple Safari の HTML5 ドラッグ＆ドロップの機能における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0166	2011-04-6 17:38	2011-03-11	Show	GitHub Exploit DB Packet Storm

253786	5	警告	アップル	-	Apple iOS の Safari にある Safari 設定機能におけるユーザを追跡可能な脆弱性	CWE-20 不適切な入力確認	CVE-2011-0159	2011-04-6 17:34	2011-03-11	Show	GitHub Exploit DB Packet Storm

253787	7.5	危険	アップル	-	Apple iOS の WebKit における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-0157	2011-04-6 17:29	2011-03-11	Show	GitHub Exploit DB Packet Storm

253788	5	警告	OpenSLP	-	OpenSLP にサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-3609	2011-04-6 17:27	2011-03-22	Show	GitHub Exploit DB Packet Storm

253789	5.8	警告	Apache Software Foundation	-	Apache Tomcat におけるアクセス制限を回避される脆弱性	CWE-DesignError	CVE-2011-1088	2011-04-6 17:23	2011-03-11	Show	GitHub Exploit DB Packet Storm

253790	9.3	危険	マイクロソフト	-	Microsoft Groove 2007 における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3146	2011-04-6 17:09	2011-03-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209031	6.1	MEDIUM Network	jeesns	jeesns	Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.jav…	CWE-79 Cross-site Scripting	CVE-2020-18035	2024-11-21 14:08	2021-04-30	Show	GitHub Exploit DB Packet Storm

209032	7.8	HIGH Local	graphviz debian fedoraproject	graphviz debian_linux fedora	Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading…	CWE-120 Classic Buffer Overflow	CVE-2020-18032	2024-11-21 14:08	2021-04-30	Show	GitHub Exploit DB Packet Storm

209033	6.1	MEDIUM Network	qibosoft	qibocms	Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to th…	CWE-79 Cross-site Scripting	CVE-2020-18022	2024-11-21 14:08	2021-04-29	Show	GitHub Exploit DB Packet Storm

209034	6.1	MEDIUM Network	1234n	minicms	Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php".	CWE-79 Cross-site Scripting	CVE-2020-17999	2024-11-21 14:08	2021-04-29	Show	GitHub Exploit DB Packet Storm

209035	9.8	CRITICAL Network	phpshe	mall_system	SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" compo…	CWE-89 SQL Injection	CVE-2020-18020	2024-11-21 14:08	2021-04-28	Show	GitHub Exploit DB Packet Storm

209036	7.5	HIGH Network	xinfu	oa_system	SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "m…	CWE-89 SQL Injection	CVE-2020-18019	2024-11-21 14:08	2021-04-28	Show	GitHub Exploit DB Packet Storm

209037	7.5	HIGH Network	apache	ozone	The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl comma…	CWE-306 Missing Authentication for Critical Function	CVE-2020-17517	2024-11-21 14:08	2021-04-27	Show	GitHub Exploit DB Packet Storm

209038	5.4	MEDIUM Network	dotcms	dotcms	Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin/#/c/workflow" co…	CWE-79 Cross-site Scripting	CVE-2020-17542	2024-11-21 14:08	2021-04-24	Show	GitHub Exploit DB Packet Storm

209039	9.1	CRITICAL Network	feifeicms	feifeicms	Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component.	CWE-22 Path Traversal	CVE-2020-17564	2024-11-21 14:08	2021-04-23	Show	GitHub Exploit DB Packet Storm

209040	9.1	CRITICAL Network	feifeicms	feifeicms	Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=".	CWE-22 Path Traversal	CVE-2020-17563	2024-11-21 14:08	2021-04-23	Show	GitHub Exploit DB Packet Storm