Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254191	9.3	危険	Opera Software ASA	-	Opera における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2008-4197	2010-09-27 16:03	2008-09-27	Show	GitHub Exploit DB Packet Storm

254192	4.3	警告	Opera Software ASA	-	Opera におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4196	2010-09-27 16:02	2008-09-27	Show	GitHub Exploit DB Packet Storm

254193	5	警告	Opera Software ASA	-	Opera における任意のアドレスの表示を誘発させられる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-4195	2010-09-27 16:02	2008-09-27	Show	GitHub Exploit DB Packet Storm

254194	6.8	警告	Opera Software ASA	-	Opera における HTTP セッションハイジャックの脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-3172	2010-09-27 16:01	2008-07-14	Show	GitHub Exploit DB Packet Storm

254195	10	危険	Opera Software ASA	-	Windows 上で稼働する Opera における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2008-3079	2010-09-27 16:01	2008-07-9	Show	GitHub Exploit DB Packet Storm

254196	7.8	危険	Opera Software ASA	-	Opera における初期化されていないメモリコンテンツを読まれる脆弱性	CWE-200 情報漏えい	CVE-2008-3078	2010-09-27 16:01	2008-07-9	Show	GitHub Exploit DB Packet Storm

254197	5	警告	Opera Software ASA	-	Opera における信頼されたフレームのコンテンツを偽装される脆弱性	CWE-DesignError	CVE-2008-2716	2010-09-27 16:00	2008-06-16	Show	GitHub Exploit DB Packet Storm

254198	5	警告	Opera Software ASA	-	Opera におけるクロスドメインの脆弱性	CWE-200 情報漏えい	CVE-2008-2715	2010-09-27 16:00	2008-06-16	Show	GitHub Exploit DB Packet Storm

254199	5	警告	Opera Software ASA	-	Opera における Web ページのアドレスを偽装される脆弱性	CWE-DesignError	CVE-2008-2714	2010-09-27 15:59	2008-06-16	Show	GitHub Exploit DB Packet Storm

254200	9.3	危険	Opera Software ASA	-	Opera におけるパスワード入力時のキーボードハンドリングの処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2008-1764	2010-09-27 15:59	2008-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201531	7.5	HIGH Network	redislabs	redisgraph	RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.	CWE-476 NULL Pointer Dereference	CVE-2020-35668	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201532	8.8	HIGH Network	steedos	steedos	Steedos Platform through 1.21.24 allows NoSQL injection because the /api/collection/findone implementation in server/packages/steedos_base.js mishandles req.body validation, as demonstrated by MongoD…	CWE-89 SQL Injection	CVE-2020-35666	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201533	9.8	CRITICAL Network	terra-master	terramaster_operating_system	An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.	CWE-78 OS Command	CVE-2020-35665	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201534	7.5	HIGH Network	advanced_comment_system_project	advanced_comment_system	ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623	CWE-22 Path Traversal	CVE-2020-35598	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201535	8.8	HIGH Network	raysync	raysync	A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated unauthorized attacker sending a specifically crafted request to override the specific file in server with malicious content can…	CWE-22 Path Traversal	CVE-2020-35370	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201536	8.8	HIGH Network	nagios	nagios_core	Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers.	CWE-352 Origin Validation Error	CVE-2020-35269	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201537	6.1	MEDIUM Network	egavilanmedia	user_registration_and_login_system_with_admin_panel	Cross Site Scripting (XSS) vulnerability via the 'Full Name' parameter in the User Registration section of User Registration & Login System with Admin Panel 1.0.	CWE-79 Cross-site Scripting	CVE-2020-35252	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201538	6.1	MEDIUM Network	uncannyowl	uncanny_groups_for_learndash	Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgm_code_redeem PO…	CWE-79 Cross-site Scripting	CVE-2020-35650	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201539	7.5	HIGH Network	mersive	solstice_firmware	In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is dir…	NVD-CWE-noinfo	CVE-2020-35587	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm

201540	7.5	HIGH Network	mersive	solstice_pod_firmware	In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there i…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-35586	2024-11-21 14:27	2020-12-24	Show	GitHub Exploit DB Packet Storm