Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254071	9.3	危険	アドビシステムズ	-	Adobe Photoshop CS4 におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1296	2010-06-15 18:25	2010-05-26	Show	GitHub Exploit DB Packet Storm

254072	5	警告	日立	-	Groupmax World Wide Web Desktop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2010-06-14 16:24	2010-05-26	Show	GitHub Exploit DB Packet Storm

254073	4.3	警告	日立	-	Hitachi Web Server の SSL クライアント認証における CRL 失効確認不可の脆弱性	CWE-287 不適切な認証	-	2010-06-14 16:24	2010-05-17	Show	GitHub Exploit DB Packet Storm

254074	5	警告	日立	-	TP1/Message Control におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	-	2010-06-14 16:23	2010-05-17	Show	GitHub Exploit DB Packet Storm

254075	10	危険	日立 CA Technologies	-	CA XOsoft におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1223	2010-06-14 16:23	2010-04-6	Show	GitHub Exploit DB Packet Storm

254076	5	警告	日立 CA Technologies	-	CA XOsoft における重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2010-1222	2010-06-14 16:23	2010-04-6	Show	GitHub Exploit DB Packet Storm

254077	5	警告	日立 CA Technologies	-	CA XOsoft におけるユーザ名を列挙される脆弱性	CWE-287 不適切な認証	CVE-2010-1221	2010-06-14 16:23	2010-04-6	Show	GitHub Exploit DB Packet Storm

254078	6.8	警告	フェンリル株式会社	-	ActiveGeckoBrowser における複数の脆弱性	CWE-Other その他	CVE-2010-2420	2010-06-14 12:01	2010-06-14	Show	GitHub Exploit DB Packet Storm

254079	6.8	警告	サン・マイクロシステムズ GNU Project ターボリナックスサイバートラスト株式会社レッドハット	-	GNU tar および GNU cpio の rmt_read__ 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0624	2010-06-11 18:45	2010-03-15	Show	GitHub Exploit DB Packet Storm

254080	3.5	注意	PostgreSQL.org サイバートラスト株式会社レッドハット	-	PostgreSQL における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0733	2010-06-9 16:54	2010-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196201	7.8	HIGH Local	hmtalk	daviewindy	DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this…	CWE-787 Out-of-bounds Write	CVE-2020-7829	2024-11-21 14:37	2020-07-30	Show	GitHub Exploit DB Packet Storm

196202	7.8	HIGH Local	hmtalk	daviewindy	DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this…	CWE-787 Out-of-bounds Write	CVE-2020-7828	2024-11-21 14:37	2020-07-30	Show	GitHub Exploit DB Packet Storm

196203	7.8	HIGH Local	hmtalk	daviewindy	DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and …	CWE-416 Use After Free	CVE-2020-7827	2024-11-21 14:37	2020-07-30	Show	GitHub Exploit DB Packet Storm

196204	9.8	CRITICAL Network	express-fileupload_project netapp	express-fileupload max_data	This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7699	2024-11-21 14:37	2020-07-30	Show	GitHub Exploit DB Packet Storm

196205	9.8	CRITICAL Network	gerapy	gerapy	This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized.	CWE-78 OS Command	CVE-2020-7698	2024-11-21 14:37	2020-07-29	Show	GitHub Exploit DB Packet Storm

196206	9.8	CRITICAL Network	mock2easy_project	mock2easy	This affects all versions of package mock2easy. a malicious user could inject commands through the _data variable: Affected Area require('../server/getJsonByCurl')(mock2easy, function (error, stdout)…	CWE-77 Command Injection	CVE-2020-7697	2024-11-21 14:37	2020-07-29	Show	GitHub Exploit DB Packet Storm

196207	7.5	HIGH Network	umbraco	umbraco_forms	This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-7685	2024-11-21 14:37	2020-07-29	Show	GitHub Exploit DB Packet Storm

196208	5.3	MEDIUM Network	encode	uvicorn	Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. Attackers can exploit this to add arbitrary headers to HTTP responses, or …	CWE-74 Injection	CVE-2020-7695	2024-11-21 14:37	2020-07-27	Show	GitHub Exploit DB Packet Storm

196209	7.5	HIGH Network	encode	uvicorn	This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour …	CWE-94 CWE-116 Code Injection Improper Encoding or Escaping of Output	CVE-2020-7694	2024-11-21 14:37	2020-07-27	Show	GitHub Exploit DB Packet Storm

196210	7.5	HIGH Network	fast-http_project	fast-http	This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.	CWE-22 Path Traversal	CVE-2020-7687	2024-11-21 14:37	2020-07-25	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed