Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255021	10	危険	7-Technologies	-	7-Technologies Interactive Graphical SCADA System の IGSSdataServer.exe におけるスタックベースのオーバーフロー脆弱性	CWE-119 バッファエラー	CVE-2011-1567	2011-06-2 09:51	2011-04-5	Show	GitHub Exploit DB Packet Storm

255022	10	危険	7-Technologies	-	7-Technologies Interactive Graphical SCADA System の dc.exe におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1566	2011-06-2 09:50	2011-04-5	Show	GitHub Exploit DB Packet Storm

255023	10	危険	7-Technologies	-	7-Technologies Interactive Graphical SCADA System の IGSSdataServer.exe におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1565	2011-06-2 09:48	2011-04-5	Show	GitHub Exploit DB Packet Storm

255024	10	危険	RealFlex Technologies	-	DATAC RealFlex RealWin の HMI アプリケーションにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1564	2011-06-2 09:47	2011-04-5	Show	GitHub Exploit DB Packet Storm

255025	10	危険	RealFlex Technologies	-	DATAC RealFlex RealWin の HMI アプリケーションにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1563	2011-06-2 09:46	2011-04-5	Show	GitHub Exploit DB Packet Storm

255026	4.7	警告	レッドハット Richard W.M. Jones	-	virt-v2v および virt-inspector などの製品に使用される libguestfs におけるホスト OS 上のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2010-3851	2011-06-1 10:25	2010-11-4	Show	GitHub Exploit DB Packet Storm

255027	4.4	警告	Todd C. Miller レッドハット	-	sudo の check.c における認証要求を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0010	2011-05-31 11:41	2011-01-18	Show	GitHub Exploit DB Packet Storm

255028	-	-	SmarterTools Inc.	-	SmarterTools 製ウェブサーバに複数の脆弱性	-	-	2011-05-31 11:40	2011-05-19	Show	GitHub Exploit DB Packet Storm

255029	-	-	OpenSSL Project	-	OpenSSL における ECDSA 秘密鍵が漏えいしてしまう問題	-	-	2011-05-31 11:23	2011-05-18	Show	GitHub Exploit DB Packet Storm

255030	4.3	警告	Apache Software Foundation	-	Apache Tomcat におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1582	2011-05-31 11:19	2011-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
218021	7.5	HIGH Network	wavlink	wl-wn575a3_firmware wl-wn579g3_firmware wn531a6_firmware wn535g3_firmware wn530h4_firmware wn57x93_firmware wn572hg3_firmware wn575a4_firmware wn578a2_firmware wn579g3_firm…	An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication i…	CWE-306 Missing Authentication for Critical Function	CVE-2020-10974	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

218022	7.5	HIGH Network	wavlink	wn530hg4_firmware wn531g3_firmware wn533a8_firmware wn551k1_firmware	An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configurati…	CWE-306 Missing Authentication for Critical Function	CVE-2020-10973	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

218023	7.5	HIGH Network	wavlink	wn530hg4_firmware wn531g3_firmware wn572hg3_firmware	An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a ce…	CWE-306 CWE-522 Missing Authentication for Critical Function Insufficiently Protected Credentials	CVE-2020-10972	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

218024	8.8	HIGH Network	wavlink	wl-wn575a3_firmware wl-wn530hg4_firmware wl-wn579g3_firmware	An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the…	CWE-20 Improper Input Validation	CVE-2020-10971	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

218025	5.4	MEDIUM Network	glpi-project	glpi	In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with conte…	CWE-79 Cross-site Scripting	CVE-2020-11036	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

218026	9.3	CRITICAL Network	glpi-project fedoraproject	glpi fedora	In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values.…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-11035	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

218027	6.1	MEDIUM Network	glpi-project	glpi	In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6.	CWE-601 Open Redirect	CVE-2020-11034	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

218028	7.2	HIGH Network	glpi-project	glpi	In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6.	CWE-89 SQL Injection	CVE-2020-11032	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

218029	6.5	MEDIUM Network	zohocorp	manageengine_desktop_central	Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.	CWE-22 Path Traversal	CVE-2020-10859	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

218030	7.2	HIGH Network	glpi-project fedoraproject	glpi fedora	In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All ap…	CWE-200 Information Exposure	CVE-2020-11033	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm