Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 12:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254011 9.3 危険 アドビシステムズ
レッドハット		 - Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2889 2010-10-20 14:35 2010-10-5 Show GitHub Exploit DB Packet Storm
254012 9.3 危険 アドビシステムズ - Windows 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2888 2010-10-20 14:35 2010-10-5 Show GitHub Exploit DB Packet Storm
254013 9.3 危険 アドビシステムズ
レッドハット		 - Linux 上で稼働する Adobe Reader および Acrobat における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-2887 2010-10-20 14:35 2010-10-5 Show GitHub Exploit DB Packet Storm
254014 6.8 警告 pon software - Archive Decoder における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3160 2010-10-20 14:03 2010-10-20 Show GitHub Exploit DB Packet Storm
254015 5.1 警告 pon software - Explzh における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3159 2010-10-20 14:02 2010-10-20 Show GitHub Exploit DB Packet Storm
254016 6.8 警告 サイバートラスト株式会社
FreeType Project
ターボリナックス
レッドハット		 - FreeType のデモプログラムにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2527 2010-10-19 15:22 2010-07-12 Show GitHub Exploit DB Packet Storm
254017 6.8 警告 サイバートラスト株式会社
FreeType Project
ターボリナックス
レッドハット		 - FreeType の ftmulti.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2541 2010-10-19 15:20 2010-08-6 Show GitHub Exploit DB Packet Storm
254018 7.5 危険 The PHP Group
アップル
ターボリナックス		 - PHP の SplObjectStorage における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2225 2010-10-19 15:20 2010-06-24 Show GitHub Exploit DB Packet Storm
254019 2.1 注意 The PHP Group
サイバートラスト株式会社
ターボリナックス
レッドハット		 - PHP における同じ Web サーバ上でホストされた別サイトの振る舞いを変更される脆弱性 CWE-134
書式文字列の問題 		CVE-2009-0754 2010-10-19 15:17 2009-03-3 Show GitHub Exploit DB Packet Storm
254020 5 警告 The PHP Group
アップル
ターボリナックス
レッドハット		 - PHP の JSON_parser 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-1271 2010-10-19 15:16 2009-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195861 8.8 HIGH
Network 		microfocus enterprise_developer
enterprise_server 		Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The v… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-9523 2024-11-21 14:40 2020-04-18 Show GitHub Exploit DB Packet Storm
195862 7.5 HIGH
Network 		silverstripe silverstripe In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed uploa… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-9280 2024-11-21 14:40 2020-04-16 Show GitHub Exploit DB Packet Storm
195863 8.8 HIGH
Network 		subex roc_partner_settlement An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipula… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-9384 2024-11-21 14:40 2020-04-15 Show GitHub Exploit DB Packet Storm
195864 5.4 MEDIUM
Network 		octech oempro Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter of the Media.CreateFolder command is vulnerable. CWE-79
Cross-site Scripting 		CVE-2020-9461 2024-11-21 14:40 2020-04-15 Show GitHub Exploit DB Packet Storm
195865 5.4 MEDIUM
Network 		octech oempro Octech Oempro 4.7 through 4.11 allow XSS by an authenticated user. The parameter CampaignName in Campaign.Create is vulnerable. CWE-79
Cross-site Scripting 		CVE-2020-9460 2024-11-21 14:40 2020-04-15 Show GitHub Exploit DB Packet Storm
195866 8.8 HIGH
Network 		rubrik cdm An issue was discovered in Rubrik 5.0.3-2296. An OS command injection vulnerability allows an authenticated attacker to remotely execute arbitrary code on Rubrik-managed systems. CWE-78
OS Command  		CVE-2020-9478 2024-11-21 14:40 2020-04-14 Show GitHub Exploit DB Packet Storm
195867 4.9 MEDIUM
Network 		dahuasecurity sd6al_firmware
sd5a_firmware
sd1a_firmware
ptz1a_firmware
sd50_firmware
sd52c_firmware
ipc-hx5842h_firmware
ipc-hx7842h_firmware
ipc-hx2xxx_firmware
ipc-hxxx5x4x_firmware 		Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down. NVD-CWE-noinfo
CVE-2020-9500 2024-11-21 14:40 2020-04-9 Show GitHub Exploit DB Packet Storm
195868 7.2 HIGH
Network 		dahuasecurity sd6al_firmware
sd5a_firmware
sd1a_firmware
ptz1a_firmware
sd50_firmware
sd52c_firmware
ipc-hx5842h_firmware
ipc-hx7842h_firmware
ipc-hx2xxx_firmware
ipc-hxxx5x4x_firmware 		Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down. CWE-120
Classic Buffer Overflow 		CVE-2020-9499 2024-11-21 14:40 2020-04-9 Show GitHub Exploit DB Packet Storm
195869 6.5 MEDIUM
Network 		fortinet fortiadc_firmware An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system. NVD-CWE-noinfo
CVE-2020-9286 2024-11-21 14:40 2020-04-8 Show GitHub Exploit DB Packet Storm
195870 6.5 MEDIUM
Network 		idxbroker impress_for_idx_broker An issue was discovered in the IMPress for IDX Broker plugin before 2.6.2 for WordPress. wrappers.php allows a logged-in user (with the Subscriber role) to permanently delete arbitrary posts and page… CWE-862
 Missing Authorization 		CVE-2020-9514 2024-11-21 14:40 2020-04-8 Show GitHub Exploit DB Packet Storm