Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255781 4.3 警告 Google - Google Chrome における javascript: URI をブロックしない脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2352 2010-10-19 14:50 2009-02-3 Show GitHub Exploit DB Packet Storm
255782 9.3 危険 Google - Google Chrome の browser kernel におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-2121 2010-10-19 14:50 2009-06-22 Show GitHub Exploit DB Packet Storm
255783 6.8 警告 Google - Google Chrome における任意の https サイトになりすまされる脆弱性 CWE-287
不適切な認証 		CVE-2009-2071 2010-10-19 14:49 2009-03-23 Show GitHub Exploit DB Packet Storm
255784 6.4 警告 The PHP Group - PHP の zend_ini.c 内にある zend_restore_ini_entry_cb 関数における重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2009-2626 2010-10-18 15:22 2009-12-1 Show GitHub Exploit DB Packet Storm
255785 4 警告 オラクル - Oracle iPlanet Web Server におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3544 2010-10-18 12:03 2010-10-18 Show GitHub Exploit DB Packet Storm
255786 5 警告 ISC, Inc. - BIND の ACL の処理に問題 CWE-264
認可・権限・アクセス制御 		CVE-2010-0218 2010-10-15 13:24 2010-10-1 Show GitHub Exploit DB Packet Storm
255787 5.1 警告 K2 Software - K2Editor における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3156 2010-10-15 11:22 2010-10-15 Show GitHub Exploit DB Packet Storm
255788 6.8 警告 kMonos.NET - XacRett における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3157 2010-10-15 11:22 2010-10-15 Show GitHub Exploit DB Packet Storm
255789 5 警告 The PHP Group - PHP における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-2101 2010-10-14 16:20 2010-05-26 Show GitHub Exploit DB Packet Storm
255790 9.3 危険 レッドハット - Winamp および libmikmod の IN_MOD.DLL におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3996 2010-10-14 16:19 2009-12-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208441 9.6 CRITICAL
Network 		zibbs_project zibbs Cross site scripting (XSS) vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter. CWE-79
Cross-site Scripting 		CVE-2020-23719 2024-11-21 14:14 2021-11-3 Show GitHub Exploit DB Packet Storm
208442 9.6 CRITICAL
Network 		zibbs_project zibbs Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php. CWE-79
Cross-site Scripting 		CVE-2020-23718 2024-11-21 14:14 2021-11-3 Show GitHub Exploit DB Packet Storm
208443 8.8 HIGH
Network 		ayacms_project ayacms Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts. CWE-352
 Origin Validation Error 		CVE-2020-23686 2024-11-21 14:14 2021-11-3 Show GitHub Exploit DB Packet Storm
208444 9.8 CRITICAL
Network 		vtimecn 188jianzhan SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to execute arbitrary code and gain escalated privileges, via the username parameter to login.php. CWE-89
SQL Injection 		CVE-2020-23685 2024-11-21 14:14 2021-11-3 Show GitHub Exploit DB Packet Storm
208445 5.3 MEDIUM
Network 		discourse discourse Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-24327 2024-11-21 14:14 2021-09-24 Show GitHub Exploit DB Packet Storm
208446 8.1 HIGH
Network 		ponzu-cms ponzu A cross site request forgery (CSRF) vulnerability in the configure.html component of Ponzu 0.11.0 allows attackers to change user and administrator credentials, and add or delete administrator accoun… CWE-352
 Origin Validation Error 		CVE-2020-24130 2024-11-21 14:14 2021-08-21 Show GitHub Exploit DB Packet Storm
208447 6.5 MEDIUM
Network 		ok-file-formats_project ok-file-formats A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS)… CWE-787
 Out-of-bounds Write 		CVE-2020-23707 2024-11-21 14:14 2021-07-16 Show GitHub Exploit DB Packet Storm
208448 6.5 MEDIUM
Network 		ok-file-formats_project ok-file-formats A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS… CWE-787
 Out-of-bounds Write 		CVE-2020-23706 2024-11-21 14:14 2021-07-16 Show GitHub Exploit DB Packet Storm
208449 6.5 MEDIUM
Network 		rockcarry ffjpeg A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file. CWE-120
Classic Buffer Overflow 		CVE-2020-23705 2024-11-21 14:14 2021-07-16 Show GitHub Exploit DB Packet Storm
208450 9.8 CRITICAL
Network 		radare radare2-extras A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks. CWE-787
 Out-of-bounds Write 		CVE-2020-24133 2024-11-21 14:14 2021-07-15 Show GitHub Exploit DB Packet Storm