Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255651	6.6	警告	マイクロソフト	-	Microsoft Windows の kernel における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0232	2010-02-22 12:12	2010-01-20	Show	GitHub Exploit DB Packet Storm

255652	10	危険	Rockwell Automation	-	Rockwell Automation Allen-Bradley MicroLogix PLC に複数の脆弱性	CWE-noinfo 情報不足	CVE-2009-3739	2010-02-19 14:22	2010-01-21	Show	GitHub Exploit DB Packet Storm

255653	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer において任意のコードが実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0249	2010-02-19 14:21	2010-01-15	Show	GitHub Exploit DB Packet Storm

255654	7.5	危険	アップル MySQL AB	-	MySQL で使用される yaSSL におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2008-0227	2010-02-19 11:37	2008-01-10	Show	GitHub Exploit DB Packet Storm

255655	7.5	危険	アップル MySQL AB	-	MySQL で使用される yaSSL における複数のバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0226	2010-02-19 11:32	2008-01-10	Show	GitHub Exploit DB Packet Storm

255656	7.5	危険	Linux レッドハット	-	Linux kernel の do_coredump 関数における任意のファイルを改ざんされる脆弱性	-	CVE-2006-6304	2010-02-18 14:28	2006-12-14	Show	GitHub Exploit DB Packet Storm

255657	7.8	危険	Linux レッドハット	-	Linux kernel の net/ipv4/route.c 用の特定のレッドハットパッチにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-4272	2010-02-18 14:28	2010-01-19	Show	GitHub Exploit DB Packet Storm

255658	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4248	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

255659	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4246	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

255660	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer の smlrender.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4257	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198261	9.8	CRITICAL Network	mock2easy_project	mock2easy	This affects all versions of package mock2easy. a malicious user could inject commands through the _data variable: Affected Area require('../server/getJsonByCurl')(mock2easy, function (error, stdout)…	CWE-77 Command Injection	CVE-2020-7697	2024-11-21 14:37	2020-07-29	Show	GitHub Exploit DB Packet Storm

198262	7.5	HIGH Network	umbraco	umbraco_forms	This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-7685	2024-11-21 14:37	2020-07-29	Show	GitHub Exploit DB Packet Storm

198263	5.3	MEDIUM Network	encode	uvicorn	Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. Attackers can exploit this to add arbitrary headers to HTTP responses, or …	CWE-74 Injection	CVE-2020-7695	2024-11-21 14:37	2020-07-27	Show	GitHub Exploit DB Packet Storm

198264	7.5	HIGH Network	encode	uvicorn	This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour …	CWE-94 CWE-116 Code Injection Improper Encoding or Escaping of Output	CVE-2020-7694	2024-11-21 14:37	2020-07-27	Show	GitHub Exploit DB Packet Storm

198265	7.5	HIGH Network	fast-http_project	fast-http	This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.	CWE-22 Path Traversal	CVE-2020-7687	2024-11-21 14:37	2020-07-25	Show	GitHub Exploit DB Packet Storm

198266	7.5	HIGH Network	rollup-plugin-dev-server_project	rollup-plugin-dev-server	This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function.	CWE-22 Path Traversal	CVE-2020-7686	2024-11-21 14:37	2020-07-25	Show	GitHub Exploit DB Packet Storm

198267	7.5	HIGH Network	rollup-plugin-server_project	rollup-plugin-server	This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function.	CWE-22 Path Traversal	CVE-2020-7683	2024-11-21 14:37	2020-07-25	Show	GitHub Exploit DB Packet Storm

198268	7.5	HIGH Network	marked-tree_project	marked-tree	This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js.	CWE-22 Path Traversal	CVE-2020-7682	2024-11-21 14:37	2020-07-25	Show	GitHub Exploit DB Packet Storm

198269	7.5	HIGH Network	indo-mars	marscode	This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js.	CWE-22 Path Traversal	CVE-2020-7681	2024-11-21 14:37	2020-07-25	Show	GitHub Exploit DB Packet Storm

198270	4.7	MEDIUM Network	schneider-electric	software_update_utility	A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on th…	CWE-601 Open Redirect	CVE-2020-7520	2024-11-21 14:37	2020-07-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed