Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253951 5 警告 IBM - IBM WebSphere Application Server の Web コンテナ におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0776 2010-10-8 17:04 2010-05-8 Show GitHub Exploit DB Packet Storm
253952 5 警告 Drupal
サイバートラスト株式会社		 - Drupal の OpenID モジュールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2010-3686 2010-10-7 16:40 2010-08-11 Show GitHub Exploit DB Packet Storm
253953 5 警告 Drupal
サイバートラスト株式会社		 - Drupal の OpenID モジュールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2010-3685 2010-10-7 16:39 2010-08-11 Show GitHub Exploit DB Packet Storm
253954 5 警告 Drupal
サイバートラスト株式会社		 - Drupal の OpenID モジュールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2010-3091 2010-10-7 16:39 2010-08-11 Show GitHub Exploit DB Packet Storm
253955 2.1 注意 Drupal
サイバートラスト株式会社		 - Drupal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3094 2010-10-7 16:39 2010-08-11 Show GitHub Exploit DB Packet Storm
253956 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の comment モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3093 2010-10-7 16:38 2010-08-11 Show GitHub Exploit DB Packet Storm
253957 5.5 警告 Drupal
サイバートラスト株式会社		 - Drupal の upload モジュールにおけるファイルのダウンロード制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3092 2010-10-7 16:37 2010-08-11 Show GitHub Exploit DB Packet Storm
253958 9.3 危険 アップル - Apple QuickTime の IPersistPropertyBag2::Read における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1818 2010-10-6 16:57 2010-08-31 Show GitHub Exploit DB Packet Storm
253959 9.3 危険 IBM - IBM Lotus Domino サーバの MailCheck821Address 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3407 2010-10-6 16:57 2010-09-16 Show GitHub Exploit DB Packet Storm
253960 6.8 警告 マイクロソフト - Microsoft Outlook Web Access におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3213 2010-10-6 16:56 2010-09-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195911 5.4 MEDIUM
Network 		rocket.chat rocket.chat The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter. CWE-79
Cross-site Scripting 		CVE-2020-8288 2024-11-21 14:38 2021-01-27 Show GitHub Exploit DB Packet Storm
195912 6.5 MEDIUM
Network 		nodejs
debian
fedoraproject
oracle
siemens 		node.js
debian_linux
fedora
graalvm
sinec_infrastructure_network_services 		Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies th… CWE-444
HTTP Request Smuggling 		CVE-2020-8287 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195913 5.4 MEDIUM
Network 		nextcloud contacts A missing file type check in Nextcloud Contacts 3.3.0 allows a malicious user to upload malicious SVG files to perform cross-site scripting (XSS) attacks. CWE-79
Cross-site Scripting 		CVE-2020-8281 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195914 5.4 MEDIUM
Network 		nextcloud contacts A missing file type check in Nextcloud Contacts 3.4.0 allows a malicious user to upload SVG files as PNG files to perform cross-site scripting (XSS) attacks. CWE-79
Cross-site Scripting 		CVE-2020-8280 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195915 4.3 MEDIUM
Network 		citrix secure_mail Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicio… CWE-269
 Improper Privilege Management 		CVE-2020-8275 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195916 6.5 MEDIUM
Network 		citrix secure_mail Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code ('Code Injection') by allowing unauthenticated access to read data stored within Secure Mail. Note th… CWE-94
Code Injection 		CVE-2020-8274 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195917 6.1 MEDIUM
Network 		rubyonrails rails In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL whic… CWE-79
Cross-site Scripting 		CVE-2020-8264 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195918 8.1 HIGH
Network 		nodejs
debian
fedoraproject
oracle
siemens 		node.js
debian_linux
fedora
graalvm
sinec_infrastructure_network_services 		Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::T… CWE-416
 Use After Free 		CVE-2020-8265 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195919 6.1 MEDIUM
Network 		mendix mendixsso MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supp… CWE-79
Cross-site Scripting 		CVE-2020-8160 2024-11-21 14:38 2021-01-7 Show GitHub Exploit DB Packet Storm
195920 7.8 HIGH
Local 		backblaze backblaze Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of cl… CWE-269
 Improper Privilege Management 		CVE-2020-8290 2024-11-21 14:38 2020-12-27 Show GitHub Exploit DB Packet Storm