Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254791 7.2 危険 マイクロソフト - 複数の Microsoft 製品の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0086 2011-03-7 14:52 2011-02-8 Show GitHub Exploit DB Packet Storm
254792 7.2 危険 マイクロソフト - Microsoft Windows XP の Trace Events 機能における権限昇格の脆弱性 CWE-119
バッファエラー 		CVE-2011-0045 2011-03-7 14:49 2011-02-8 Show GitHub Exploit DB Packet Storm
254793 7.2 危険 マイクロソフト - 複数の Microsoft 製品の Local Security Authority Subsystem Service における権限昇格の脆弱性 CWE-287
不適切な認証 		CVE-2011-0039 2011-03-7 14:47 2011-02-8 Show GitHub Exploit DB Packet Storm
254794 6.8 警告 OTRS プロジェクト - OTRS における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2011-0456 2011-03-7 12:02 2011-03-7 Show GitHub Exploit DB Packet Storm
254795 7.1 危険 マイクロソフト - 複数の Microsoft 製品の JScript および VBScript スクリプトエンジンにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-0031 2011-03-4 15:12 2011-02-8 Show GitHub Exploit DB Packet Storm
254796 9.3 危険 マイクロソフト - Microsoft Visio の ELEMENTS.DLL における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-0093 2011-03-4 15:09 2011-02-8 Show GitHub Exploit DB Packet Storm
254797 9.3 危険 マイクロソフト - Microsoft Visio の LZW ストリーム圧縮機能における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-0092 2011-03-4 15:06 2011-02-8 Show GitHub Exploit DB Packet Storm
254798 5 警告 マイクロソフト - Windows Server 2003 上で稼働する Microsoft Active Directory におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0040 2011-03-4 15:02 2011-02-8 Show GitHub Exploit DB Packet Storm
254799 9.3 危険 マイクロソフト - 複数の Microsoft 製品の Windows OpenType Compact Font Format ドライバにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0033 2011-03-4 15:00 2011-02-8 Show GitHub Exploit DB Packet Storm
254800 9.3 危険 マイクロソフト - Microsoft Internet Explorer 8 における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-0038 2011-03-4 14:53 2011-02-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208521 9.8 CRITICAL
Network 		portainer portainer Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and n… CWE-863
 Incorrect Authorization 		CVE-2020-24264 2024-11-21 14:14 2021-03-17 Show GitHub Exploit DB Packet Storm
208522 8.8 HIGH
Network 		portainer portainer Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical c… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-24263 2024-11-21 14:14 2021-03-17 Show GitHub Exploit DB Packet Storm
208523 8.8 HIGH
Network 		thedaylightstudio fuel_cms An issue was discovered in FUEL CMS 1.4.7. There is a escalation of privilege vulnerability to obtain super admin privilege via the "id" and "fuel_id" parameters. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-23722 2024-11-21 14:14 2021-03-10 Show GitHub Exploit DB Packet Storm
208524 5.4 MEDIUM
Network 		thedaylightstudio fuel_cms An issue was discovered in FUEL CMS V1.4.7. An attacker can use a XSS payload and bypass a filter via /fuelCM/fuel/pages/edit/1?lang=english. CWE-79
Cross-site Scripting 		CVE-2020-23721 2024-11-21 14:14 2021-03-10 Show GitHub Exploit DB Packet Storm
208525 7.8 HIGH
Local 		drweb security_space Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-23967 2024-11-21 14:14 2021-03-9 Show GitHub Exploit DB Packet Storm
208526 8.8 HIGH
Network 		fork-cms fork_cms PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-24036 2024-11-21 14:14 2021-03-4 Show GitHub Exploit DB Packet Storm
208527 6.7 MEDIUM
Local 		tpm2_software_stack_project
fedoraproject 		tpm2_software_stack
fedora 		Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.… CWE-909
 Missing Initialization of Resource 		CVE-2020-24455 2024-11-21 14:14 2021-02-26 Show GitHub Exploit DB Packet Storm
208528 7.8 HIGH
Local 		yz1 yz1 Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filena… CWE-787
 Out-of-bounds Write 		CVE-2020-24175 2024-11-21 14:14 2021-02-23 Show GitHub Exploit DB Packet Storm
208529 5.9 MEDIUM
Network 		tweetstream_project tweetstream TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack. CWE-295
Improper Certificate Validation  		CVE-2020-24393 2024-11-21 14:14 2021-02-20 Show GitHub Exploit DB Packet Storm
208530 5.9 MEDIUM
Network 		twitter-stream_project twitter-stream In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused). CWE-295
Improper Certificate Validation  		CVE-2020-24392 2024-11-21 14:14 2021-02-20 Show GitHub Exploit DB Packet Storm