Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254041 10 危険 IntelliCom Innovation AB - IntelliCom NetBiter Config HICP におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4462 2010-04-12 12:19 2010-03-29 Show GitHub Exploit DB Packet Storm
254042 7.5 危険 The PHP Group - PHP の セッション拡張子における open_basedir または safe_mode 制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1130 2010-04-12 12:19 2010-03-26 Show GitHub Exploit DB Packet Storm
254043 4.3 警告 Zope Foundation - Zope におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1104 2010-04-9 16:21 2010-03-25 Show GitHub Exploit DB Packet Storm
254044 4 警告 ヒューレット・パッカード - HP HP-UX の NFS/ONCplus にあるインストールプロセスにおけるファイルシステムのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0451 2010-04-9 16:21 2010-03-25 Show GitHub Exploit DB Packet Storm
254045 7.5 危険 GNU Project
サイバートラスト株式会社
レッドハット		 - GnuTLS の gnutls_x509_crt_get_serial 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0731 2010-04-9 16:21 2010-03-25 Show GitHub Exploit DB Packet Storm
254046 4.3 警告 シスコシステムズ - Cisco Router and Security Device Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0594 2010-04-8 15:03 2010-04-8 Show GitHub Exploit DB Packet Storm
254047 4.3 警告 MODX - MODx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1427 2010-04-8 15:02 2010-04-8 Show GitHub Exploit DB Packet Storm
254048 7.5 危険 MODX - MODx における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1426 2010-04-8 15:02 2010-04-8 Show GitHub Exploit DB Packet Storm
254049 7.8 危険 シスコシステムズ - Cisco IOS および Cisco ルータにおける IKE パケットの処理に関するサービス運用妨害 (DoS) の脆弱性 CWE-310
暗号の問題 		CVE-2010-0578 2010-04-8 10:42 2010-03-24 Show GitHub Exploit DB Packet Storm
254050 7.8 危険 シスコシステムズ - Cisco IOS における SCCP パケットの処理に関するサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-0584 2010-04-8 10:42 2010-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196921 9.1 CRITICAL
Network 		webroot endpoint_agents Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of … CWE-843
Type Confusion 		CVE-2020-5754 2024-11-21 14:34 2020-06-16 Show GitHub Exploit DB Packet Storm
196922 8.8 HIGH
Network 		plex media_server Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests. NVD-CWE-noinfo
CVE-2020-5742 2024-11-21 14:34 2020-06-16 Show GitHub Exploit DB Packet Storm
196923 8.1 HIGH
Network 		pivotal_software spring_batch When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deseri… CWE-502
 Deserialization of Untrusted Data 		CVE-2020-5411 2024-11-21 14:34 2020-06-12 Show GitHub Exploit DB Packet Storm
196924 8.8 HIGH
Network 		zenphoto zenphoto Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. CWE-94
Code Injection 		CVE-2020-5593 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
196925 6.1 MEDIUM
Network 		zenphoto zenphoto Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2020-5592 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
196926 6.7 MEDIUM
Local 		dell latitude_5300_firmware
latitude_5300_2-in-1_firmware
latitude_5400_firmware
latitude_5401_firmware
latitude_5500_firmware
latitude_5501_firmware
latitude_7200_2_in_1_firmware
lat… 		Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Ad… NVD-CWE-Other
CVE-2020-5363 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
196927 8.8 HIGH
Adjacent 		sony wf-1000x_firmware
wf-sp700n_firmware
wh-1000xm2_firmware
wh-1000xm3_firmware
wh-ch700n_firmware
wh-h900n_firmware
wh-xb700_firmware
wh-xb900n_firmware
wi-1000x_firmware
wi-… 		SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerabili… CWE-306
Missing Authentication for Critical Function 		CVE-2020-5589 2024-11-21 14:34 2020-06-9 Show GitHub Exploit DB Packet Storm
196928 7.5 HIGH
Network 		xack xack_dns XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the … CWE-674
 Uncontrolled Recursion 		CVE-2020-5591 2024-11-21 14:34 2020-06-6 Show GitHub Exploit DB Packet Storm
196929 7.5 HIGH
Network 		vmware spring_cloud_config Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-co… CWE-22
Path Traversal 		CVE-2020-5410 2024-11-21 14:34 2020-06-3 Show GitHub Exploit DB Packet Storm
196930 4.6 MEDIUM
Physics 		cybozu kintone Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. CWE-200
Information Exposure 		CVE-2020-5573 2024-11-21 14:34 2020-05-29 Show GitHub Exploit DB Packet Storm