Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255171	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

255172	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

255173	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

255174	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209401	9.8	CRITICAL Network	mk-auth	mk-auth	An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login functionality because guessable credentials to admin/executar_login.php result in admin access.	CWE-287 Improper Authentication	CVE-2020-14070	2024-11-21 14:02	2020-06-30	Show	GitHub Exploit DB Packet Storm

209402	6.8	MEDIUM Physics	mk-auth	mk-auth	An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.ph…	CWE-89 SQL Injection	CVE-2020-14069	2024-11-21 14:02	2020-06-30	Show	GitHub Exploit DB Packet Storm

209403	9.8	CRITICAL Network	mk-auth	mk-auth	An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executar_login.php.	CWE-89 SQL Injection	CVE-2020-14068	2024-11-21 14:02	2020-06-30	Show	GitHub Exploit DB Packet Storm

209404	7.5	HIGH Network	mattermost	mattermost	An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022.	NVD-CWE-noinfo	CVE-2020-13891	2024-11-21 14:02	2020-06-27	Show	GitHub Exploit DB Packet Storm

209405	9.8	CRITICAL Network	mi	xiaomi_r3600_firmware	In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.	CWE-787 Out-of-bounds Write	CVE-2020-14095	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

209406	9.8	CRITICAL Network	mi	xiaomi_r3600_firmware	In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.	CWE-787 Out-of-bounds Write	CVE-2020-14094	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

209407	6.1	MEDIUM Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. There is a stored XSS vulnerability that is executed on the page to view users, and on the page to edit users. This is present in both the User fiel…	CWE-79 Cross-site Scripting	CVE-2020-14018	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

209408	7.5	HIGH Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticate…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-14017	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

209409	5.3	MEDIUM Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account.…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2020-14016	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

209410	7.5	HIGH Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no a…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2020-14015	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm