Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253821	9.3	危険	アドビシステムズレッドハット	-	Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-3619	2010-10-20 14:36	2010-10-5	Show	GitHub Exploit DB Packet Storm

253822	9.3	危険	アドビシステムズレッドハット	-	Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2890	2010-10-20 14:36	2010-10-5	Show	GitHub Exploit DB Packet Storm

253823	9.3	危険	アドビシステムズレッドハット	-	Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2889	2010-10-20 14:35	2010-10-5	Show	GitHub Exploit DB Packet Storm

253824	9.3	危険	アドビシステムズ	-	Windows 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2888	2010-10-20 14:35	2010-10-5	Show	GitHub Exploit DB Packet Storm

253825	9.3	危険	アドビシステムズレッドハット	-	Linux 上で稼働する Adobe Reader および Acrobat における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-2887	2010-10-20 14:35	2010-10-5	Show	GitHub Exploit DB Packet Storm

253826	6.8	警告	pon software	-	Archive Decoder における実行ファイル読み込みに関する脆弱性	CWE-Other その他	CVE-2010-3160	2010-10-20 14:03	2010-10-20	Show	GitHub Exploit DB Packet Storm

253827	5.1	警告	pon software	-	Explzh における実行ファイル読み込みに関する脆弱性	CWE-Other その他	CVE-2010-3159	2010-10-20 14:02	2010-10-20	Show	GitHub Exploit DB Packet Storm

253828	6.8	警告	サイバートラスト株式会社 FreeType Project ターボリナックスレッドハット	-	FreeType のデモプログラムにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2527	2010-10-19 15:22	2010-07-12	Show	GitHub Exploit DB Packet Storm

253829	6.8	警告	サイバートラスト株式会社 FreeType Project ターボリナックスレッドハット	-	FreeType の ftmulti.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2541	2010-10-19 15:20	2010-08-6	Show	GitHub Exploit DB Packet Storm

253830	7.5	危険	The PHP Group アップルターボリナックス	-	PHP の SplObjectStorage における重要な情報を取得される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2225	2010-10-19 15:20	2010-06-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209481	8.8	HIGH Network	j2store	j2store	The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.	CWE-89 SQL Injection	CVE-2020-13996	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209482	5.4	MEDIUM Network	your_online_shop_project	your_online_shop	Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change Surname operation.	CWE-79 Cross-site Scripting	CVE-2020-13911	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209483	8.8	HIGH Adjacent	royalapps	royal_ts	Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-13872	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209484	5.4	MEDIUM Network	themeboy	sportspress	The SportsPress plugin before 2.7.2 for WordPress allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-13892	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

209485	4.8	MEDIUM Network	opencart	opencart	OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists becau…	CWE-79 Cross-site Scripting	CVE-2020-13980	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209486	7.2	HIGH Network	monstra	monstra_cms	Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the …	CWE-78 OS Command	CVE-2020-13978	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209487	4.9	MEDIUM Network	nagios fedoraproject	nagios fedora	Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of t…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2020-13977	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209488	8.8	HIGH Network	dd-wrt	dd-wrt	An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation…	CWE-78 OS Command	CVE-2020-13976	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209489	7.8	HIGH Local	linux debian canonical	linux_kernel debian_linux ubuntu_linux	An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in th…	CWE-190 Integer Overflow or Wraparound	CVE-2020-13974	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

209490	6.1	MEDIUM Network	owasp	json-sanitizer	OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls a substring of the input JSON, and controls another substring adjacent to a SCRIPT element in which the output is embedded as Ja…	CWE-79 Cross-site Scripting	CVE-2020-13973	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm