Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254931	4.3	警告	シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン)	-	APC Network Management Card におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1798	2010-03-12 15:13	2009-12-28	Show	GitHub Exploit DB Packet Storm

254932	6.8	警告	シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン)	-	APC Network Management Card におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-1797	2010-03-12 15:12	2009-12-28	Show	GitHub Exploit DB Packet Storm

254933	6.6	警告	日立	-	JP1/Cm2/Network Node Manager のリモートコンソールにおけるファイルパーミッションの脆弱性	CWE-264 認可・権限・アクセス制御	-	2010-03-12 15:12	2010-02-26	Show	GitHub Exploit DB Packet Storm

254934	9.3	危険	Panda Security	-	Panda Security ActiveScan におけるコンポーネントのデジタル署名を検証しない問題	CWE-94 コード・インジェクション	CVE-2009-3735	2010-03-12 15:12	2010-02-12	Show	GitHub Exploit DB Packet Storm

254935	5	警告	サイバートラスト株式会社 OpenSSL Project IBM レッドハット	-	OpenSSL の dtls1_retrieve_buffered_fragment 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1379	2010-03-12 14:44	2009-05-19	Show	GitHub Exploit DB Packet Storm

254936	5	警告	サイバートラスト株式会社 OpenSSL Project IBM レッドハット	-	OpenSSL の dtls1_process_out_of_seq_message 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1378	2010-03-12 14:44	2009-05-19	Show	GitHub Exploit DB Packet Storm

254937	5	警告	サイバートラスト株式会社 OpenSSL Project IBM レッドハット	-	OpenSSL の dtls1_buffer_record 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2009-1377	2010-03-12 14:43	2009-05-19	Show	GitHub Exploit DB Packet Storm

254938	5	警告	アップルサイバートラスト株式会社 OpenSSL Project Apache Software Foundation レッドハット	-	OpenSSL の zlib_stateful_init 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1678	2010-03-12 14:43	2008-07-10	Show	GitHub Exploit DB Packet Storm

254939	5.8	警告	OpenPNEプロジェクト	-	OpenPNE におけるアクセス制限回避の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1040	2010-03-11 12:39	2010-03-5	Show	GitHub Exploit DB Packet Storm

254940	10	危険	アドビシステムズ	-	Adobe Download Manager における任意のプログラムをダウンロードおよびインストールされる脆弱性	CWE-noinfo 情報不足	CVE-2010-0189	2010-03-11 12:07	2010-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196961	4.9	MEDIUM Network	arubanetworks	analytics_and_location_engine	A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily m…	NVD-CWE-noinfo	CVE-2020-7119	2024-11-21 14:36	2020-09-4	Show	GitHub Exploit DB Packet Storm

196962	9.1	CRITICAL Network	zte	zxiptv_firmware	A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration…	CWE-327 CWE-522 Use of a Broken or Risky Cryptographic Algorithm Insufficiently Protected Credentials	CVE-2020-6874	2024-11-21 14:36	2020-09-2	Show	GitHub Exploit DB Packet Storm

196963	5.3	MEDIUM Network	zte	zxr10_2800-4_almpufb\(low\)_firmware	A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cau…	NVD-CWE-noinfo	CVE-2020-6873	2024-11-21 14:36	2020-09-2	Show	GitHub Exploit DB Packet Storm

196964	9.8	CRITICAL Network	os4ed	opensis	openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.	CWE-89 SQL Injection	CVE-2020-6637	2024-11-21 14:36	2020-08-25	Show	GitHub Exploit DB Packet Storm

196965	6.5	MEDIUM Network	elastic	elasticsearch	In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recent…	CWE-269 Improper Privilege Management	CVE-2020-7019	2024-11-21 14:36	2020-08-19	Show	GitHub Exploit DB Packet Storm

196966	8.8	HIGH Network	elastic	enterprise_search	Elastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interface. If a user is given the ï¿½developerï¿½ role, they will be able to view the administrator API cre…	CWE-269 Improper Privilege Management	CVE-2020-7018	2024-11-21 14:36	2020-08-19	Show	GitHub Exploit DB Packet Storm

196967	3.9	LOW Physics	eaton	secureconnect	Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can …	CWE-200 CWE-532 Information Exposure Inclusion of Sensitive Information in Log Files	CVE-2020-6653	2024-11-21 14:36	2020-08-13	Show	GitHub Exploit DB Packet Storm

196968	9.8	CRITICAL Network	blackberry	qnx_software_development_platform	An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to pote…	NVD-CWE-noinfo	CVE-2020-6932	2024-11-21 14:36	2020-08-12	Show	GitHub Exploit DB Packet Storm

196969	8.8	HIGH Network	avaya	aura_messaging aura_communication_manager	A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability coul…	CWE-352 Origin Validation Error	CVE-2020-7029	2024-11-21 14:36	2020-08-12	Show	GitHub Exploit DB Packet Storm

196970	6.7	MEDIUM Local	hpe	intelligent_provisioning service_pack_for_proliant smartstart_scripting_toolkit	A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arb…	NVD-CWE-noinfo	CVE-2020-7205	2024-11-21 14:36	2020-07-31	Show	GitHub Exploit DB Packet Storm