Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253831	7.5	危険	MH Products	-	MH Products MHP Downloadshop の view_item.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4847	2011-09-30 14:11	2011-09-27	Show	GitHub Exploit DB Packet Storm

253832	7.5	危険	MH Products	-	MH Products Pay Pal Shop Digital の view_item.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4846	2011-09-30 14:11	2011-09-27	Show	GitHub Exploit DB Packet Storm

253833	7.5	危険	MH Products	-	MH Products Projekt Shop における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4845	2011-09-30 14:10	2011-09-27	Show	GitHub Exploit DB Packet Storm

253834	7.5	危険	MH Products	-	MH Products Easy Online Shop の content.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4844	2011-09-30 14:10	2011-09-27	Show	GitHub Exploit DB Packet Storm

253835	7.5	危険	PHP Web Scripts	-	PHP Web Scripts Ad Manager Pro の website-page.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4843	2011-09-30 14:09	2011-09-27	Show	GitHub Exploit DB Packet Storm

253836	7.5	危険	MH Products	-	MHP DownloadScript の admin/login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4842	2011-09-30 14:09	2011-09-27	Show	GitHub Exploit DB Packet Storm

253837	10	危険	Interactive Data Corporation.	-	eSignal の WinSig.exe におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-119 バッファエラー	CVE-2011-3494	2011-09-30 14:01	2011-09-16	Show	GitHub Exploit DB Packet Storm

253838	5	警告	Cogent Real-Time Systems Inc.	-	Cogent DataHub における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-3501	2011-09-30 13:35	2011-09-16	Show	GitHub Exploit DB Packet Storm

253839	10	危険	Progea Srl	-	Progea Movicon / PowerHMI におけるサービス運用妨害 (メモリ破損およびクラッシュ) の脆弱性	CWE-119 バッファエラー	CVE-2011-3499	2011-09-30 13:29	2011-09-16	Show	GitHub Exploit DB Packet Storm

253840	10	危険	Progea Srl	-	Progea Movicon / PowerHMI におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3491	2011-09-30 13:23	2011-09-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
215801	7.8	HIGH Local	valvesoftware	source	Valve Source allows local users to gain privileges by writing to the /tmp/hl2_relaunch file, which is later executed in the context of a different user account.	CWE-78 OS Command	CVE-2020-12242	2024-11-21 13:59	2020-04-28	Show	GitHub Exploit DB Packet Storm

215802	8.8	HIGH Network	amd	atillk64	AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space o…	CWE-862 Missing Authorization	CVE-2020-12138	2024-11-21 13:59	2020-04-28	Show	GitHub Exploit DB Packet Storm

215803	9.8	CRITICAL Network	farukawa	electric_consciousmap	The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.	CWE-502 Deserialization of Untrusted Data	CVE-2020-12133	2024-11-21 13:59	2020-04-28	Show	GitHub Exploit DB Packet Storm

215804	7.5	HIGH Network	prestashop	correos_express	The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. Attack…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-12120	2024-11-21 13:59	2020-04-28	Show	GitHub Exploit DB Packet Storm

215805	5.3	MEDIUM Network	trusteddomain fedoraproject	opendmarc fedora	OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsin…	CWE-290 Authentication Bypass by Spoofing	CVE-2020-12272	2024-11-21 13:59	2020-04-27	Show	GitHub Exploit DB Packet Storm

215806	9.8	CRITICAL Network	testlink	testlink	In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web s…	NVD-CWE-noinfo	CVE-2020-12274	2024-11-21 13:59	2020-04-27	Show	GitHub Exploit DB Packet Storm

215807	7.5	HIGH Network	testlink	testlink	In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials.	CWE-311 CWE-522 Missing Encryption of Sensitive Data Insufficiently Protected Credentials	CVE-2020-12273	2024-11-21 13:59	2020-04-27	Show	GitHub Exploit DB Packet Storm

215808	6.1	MEDIUM Network	grafana	grafana	Grafana version < 6.7.3 is vulnerable for annotation popup XSS.	CWE-79 Cross-site Scripting	CVE-2020-12052	2024-11-21 13:59	2020-04-27	Show	GitHub Exploit DB Packet Storm

215809	9.8	CRITICAL Network	sophos	sfos	A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with eithe…	CWE-89 SQL Injection	CVE-2020-12271	2024-11-21 13:59	2020-04-27	Show	GitHub Exploit DB Packet Storm

215810	9.8	CRITICAL Network	artifex debian opensuse	jbig2dec debian_linux leap	jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.	CWE-787 Out-of-bounds Write	CVE-2020-12268	2024-11-21 13:59	2020-04-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed