Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255101	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3955	2010-02-10 13:38	2010-01-12	Show	GitHub Exploit DB Packet Storm

255102	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat の 3D 実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3954	2010-02-10 13:38	2010-01-12	Show	GitHub Exploit DB Packet Storm

255103	6.8	警告	サン・マイクロシステムズ	-	Sun Solaris の Trusted Extensions における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0310	2010-02-10 13:38	2010-01-11	Show	GitHub Exploit DB Packet Storm

255104	7.1	危険	アップルアドビシステムズ	-	Windows 上で稼動する Adobe Flash Player および Adobe AIR の Flash Player の ActiveX コントロールにおけるローカルファイルのファイル名を取得される脆弱性	CWE-200 情報漏えい	CVE-2009-3951	2010-02-10 13:36	2009-12-8	Show	GitHub Exploit DB Packet Storm

255105	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-3800	2010-02-10 13:36	2009-12-8	Show	GitHub Exploit DB Packet Storm

255106	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR の Verifier::parseExceptionHandlers 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-3799	2010-02-10 13:36	2009-12-8	Show	GitHub Exploit DB Packet Storm

255107	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3798	2010-02-10 13:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

255108	9.3	危険	マイクロソフト	-	Microsoft Windows XP で提供される Adobe Flash Player 6 における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-0378	2010-02-9 13:56	2010-01-12	Show	GitHub Exploit DB Packet Storm

255109	9.3	危険	マイクロソフト	-	Microsoft Windows の Embedded OpenType フォントエンジンにおける任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-0018	2010-02-9 13:55	2010-01-12	Show	GitHub Exploit DB Packet Storm

255110	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat におけるファイル拡張子の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3461	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198741	9.8	CRITICAL Network	f5	big-iq_centralized_management	In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote user to execute shell commands on affected systems using HTTP requests to the BIG-IQ user interface.	CWE-78 OS Command	CVE-2020-5868	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

198742	8.1	HIGH Network	f5 netapp	nginx_controller cloud_backup	In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages	CWE-319 CWE-494 Cleartext Transmission of Sensitive Information Download of Code Without Integrity Check	CVE-2020-5867	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

198743	5.5	MEDIUM Local	f5	nginx_controller	In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments.	CWE-200 Information Exposure	CVE-2020-5866	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

198744	4.8	MEDIUM Network	f5 netapp	nginx_controller cloud_backup	In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via …	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-5865	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

198745	7.4	HIGH Network	f5	nginx_controller	In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skip TLS verification by default.	CWE-295 Improper Certificate Validation	CVE-2020-5864	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

198746	7.5	HIGH Network	sharp	aquos_sh-m02_firmware aquos_sh-rm02_firmware aquos_mini_sh-m03_firmware aquos_l2_firmware aquos_sense_lite_sh-m05_firmware aquos_sense_firmware aquos_compact_sh-m06_firmware aquo…	SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build num…	CWE-200 Information Exposure	CVE-2020-5571	2024-11-21 14:34	2020-04-23	Show	GitHub Exploit DB Packet Storm

198747	7.8	HIGH Local	plex	media_server	Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges.	CWE-427 Uncontrolled Search Path Element	CVE-2020-5740	2024-11-21 14:34	2020-04-23	Show	GitHub Exploit DB Packet Storm

198748	8.4	HIGH Local	toshiba	password_tool_for_windows	An unquoted search path vulnerability exists in HDD Password tool (for Windows) version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TB(HD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS), CANVIO…	CWE-428 Unquoted Search Path or Element	CVE-2020-5569	2024-11-21 14:34	2020-04-20	Show	GitHub Exploit DB Packet Storm

198749	5.4	MEDIUM Network	tenable	tenable.sc	Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation technique…	CWE-79 Cross-site Scripting	CVE-2020-5737	2024-11-21 14:34	2020-04-18	Show	GitHub Exploit DB Packet Storm

198750	6.1	MEDIUM Network	openmrs	openmrs	In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows the export of…	CWE-601 Open Redirect	CVE-2020-5733	2024-11-21 14:34	2020-04-18	Show	GitHub Exploit DB Packet Storm