Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 2:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255601	6.8	警告	pon software	-	Explzh におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2434	2010-06-22 14:01	2010-06-22	Show	GitHub Exploit DB Packet Storm

255602	4.3	警告	アップル	-	Apple Safari の WebKit における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2010-1388	2010-06-21 16:56	2010-06-10	Show	GitHub Exploit DB Packet Storm

255603	9.3	危険	アップル	-	Apple Safari における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-1750	2010-06-18 18:21	2010-06-10	Show	GitHub Exploit DB Packet Storm

255604	9.3	危険	アップル	-	Apple Safari における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-1385	2010-06-18 18:20	2010-06-10	Show	GitHub Exploit DB Packet Storm

255605	9.3	危険	OpenOffice.org Project レッドハット	-	OpenOffice.org における任意の Python コードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0395	2010-06-17 18:34	2010-06-10	Show	GitHub Exploit DB Packet Storm

255606	-	-	Accoria Networks	-	Accoria Rock Web Server に複数の脆弱性	-	-	2010-06-17 18:33	2010-06-3	Show	GitHub Exploit DB Packet Storm

255607	5	警告	富士通	-	Interstage Portalworks および Interstage Interaction Manager のポータル機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2010-06-17 18:33	2010-05-28	Show	GitHub Exploit DB Packet Storm

255608	10	危険	シスコシステムズ	-	Cisco Mediator Framework におけるパスワードおよびアカウントの詳細を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0600	2010-06-16 18:32	2010-05-26	Show	GitHub Exploit DB Packet Storm

255609	9.3	危険	シスコシステムズ	-	Cisco Mediator Framework における Administrator の認証情報を見破られる脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0599	2010-06-16 18:32	2010-05-26	Show	GitHub Exploit DB Packet Storm

255610	9.3	危険	シスコシステムズ	-	Cisco Mediator Framework における Administrator の認証情報を見破られる脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0598	2010-06-16 18:31	2010-05-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198911	8.8	HIGH Network	hutchhouse	marketo_forms_and_tracking	The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS.	CWE-352 Origin Validation Error	CVE-2020-6849	2024-11-21 14:36	2020-01-22	Show	GitHub Exploit DB Packet Storm

198912	9.8	CRITICAL Network	simplejobscript	simplejobscript	An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). T…	CWE-89 SQL Injection	CVE-2020-7229	2024-11-21 14:36	2020-01-22	Show	GitHub Exploit DB Packet Storm

198913	7.5	HIGH Network	parallels	parallels	Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file o…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-7213	2024-11-21 14:36	2020-01-22	Show	GitHub Exploit DB Packet Storm

198914	7.5	HIGH Network	libslirp_project qemu	libslirp qemu	tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.	CWE-22 Path Traversal	CVE-2020-7211	2024-11-21 14:36	2020-01-22	Show	GitHub Exploit DB Packet Storm

198915	5.5	MEDIUM Local	taskautomation	carbonftp	CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary.	CWE-798 CWE-327 Use of Hard-coded Credentials Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-6857	2024-11-21 14:36	2020-01-22	Show	GitHub Exploit DB Packet Storm

198916	8.8	HIGH Network	qdpm	qdpm	A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulner…	CWE-22 CWE-434 Path Traversal Unrestricted Upload of File with Dangerous Type	CVE-2020-7246	2024-11-21 14:36	2020-01-21	Show	GitHub Exploit DB Packet Storm

198917	6.1	MEDIUM Network	ibm	chatbot_with_ibm_watson	The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent.	CWE-79 Cross-site Scripting	CVE-2020-7239	2024-11-21 14:36	2020-01-21	Show	GitHub Exploit DB Packet Storm

198918	4.8	MEDIUM Network	smc	d3g0804_firmware	SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on the WiFi Network Configuration page (after a successful login to the admin account).	CWE-79 Cross-site Scripting	CVE-2020-7249	2024-11-21 14:36	2020-01-21	Show	GitHub Exploit DB Packet Storm

198919	7.2	HIGH Network	comtechtel	stampede_fx-1010_firmware	Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router…	CWE-78 OS Command	CVE-2020-7244	2024-11-21 14:36	2020-01-21	Show	GitHub Exploit DB Packet Storm

198920	7.2	HIGH Network	comtechtel	stampede_fx-1010_firmware	Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL fiel…	CWE-78 OS Command	CVE-2020-7243	2024-11-21 14:36	2020-01-21	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed