Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255921 4.3 警告 サイバートラスト株式会社
LibTIFF
レッドハット		 - x86_64 プラットフォーム上で稼動する RHEL の LibTIFF におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2598 2010-08-24 13:44 2010-07-8 Show GitHub Exploit DB Packet Storm
255922 6.8 警告 アップル
サイバートラスト株式会社
LibTIFF
レッドハット		 - LibTIFF の FAX3 デコーダの Fax3SetupState 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1411 2010-08-24 13:44 2010-06-10 Show GitHub Exploit DB Packet Storm
255923 2.6 注意 アップル - Apple Safari の AutoFill 機能におけるアドレスブックカードの情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-1796 2010-08-20 18:24 2010-07-30 Show GitHub Exploit DB Packet Storm
255924 4.3 警告 アップル - Apple Safari におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1778 2010-08-20 18:24 2010-07-30 Show GitHub Exploit DB Packet Storm
255925 7.5 危険 金子 勇 - Winny におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2360 2010-08-20 12:02 2010-08-20 Show GitHub Exploit DB Packet Storm
255926 7.5 危険 金子 勇 - Winny におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2360 2010-08-20 12:02 2010-08-20 Show GitHub Exploit DB Packet Storm
255927 5 警告 金子 勇 - Winny におけるノード情報の処理に関する脆弱性 CWE-Other
その他 		CVE-2010-2362 2010-08-20 12:01 2010-08-20 Show GitHub Exploit DB Packet Storm
255928 5 警告 金子 勇 - Winny における BBS 情報の処理に関する脆弱性 CWE-Other
その他 		CVE-2010-2361 2010-08-20 12:01 2010-08-20 Show GitHub Exploit DB Packet Storm
255929 10 危険 シマンテック
IBM		 - Autonomy KeyView Filter SDK の kvolefio.dll における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3032 2010-08-19 18:22 2010-03-5 Show GitHub Exploit DB Packet Storm
255930 5 警告 The PHP Group - PHP の phar 拡張における重要な情報を取得される脆弱性 CWE-134
書式文字列の問題 		CVE-2010-2094 2010-08-18 18:26 2010-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198191 7.4 HIGH
Network 		avast avg_antitrack
antitrack 		Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using … CWE-295
Improper Certificate Validation  		CVE-2020-8987 2024-11-21 14:39 2020-03-10 Show GitHub Exploit DB Packet Storm
198192 7.8 HIGH
Local 		wftpserver wing_ftp_server Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full p… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-8635 2024-11-21 14:39 2020-03-7 Show GitHub Exploit DB Packet Storm
198193 7.8 HIGH
Local 		wftpserver wing_ftp_server Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and worl… CWE-281
 Improper Preservation of Permissions 		CVE-2020-8634 2024-11-21 14:39 2020-03-7 Show GitHub Exploit DB Packet Storm
198194 6.8 MEDIUM
Physics 		mi mdz-25-dt_firmware An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialo… CWE-287
Improper Authentication 		CVE-2020-8994 2024-11-21 14:39 2020-03-6 Show GitHub Exploit DB Packet Storm
198195 5.3 MEDIUM
Network 		envoyproxy envoy CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not ins… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2020-8660 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
198196 5.3 MEDIUM
Network 		cncf envoy CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined valida… CWE-287
Improper Authentication 		CVE-2020-8664 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
198197 7.5 HIGH
Network 		cncf
redhat 		envoy
openshift_service_mesh 		CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8661 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
198198 7.5 HIGH
Network 		cncf
redhat
debian 		envoy
openshift_service_mesh
debian_linux 		CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-8659 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
198199 9.8 CRITICAL
Network 		zyxel nas326_firmware
nas520_firmware
nas540_firmware
nas542_firmware
atp100_firmware
atp200_firmware
atp500_firmware
atp800_firmware
usg20-vpn_firmware
usg20w-vpn_firmware
us… 		Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to… CWE-78
OS Command  		CVE-2020-9054 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
198200 5.4 MEDIUM
Network 		alfresco alfresco Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project. CWE-79
Cross-site Scripting 		CVE-2020-8778 2024-11-21 14:39 2020-03-3 Show GitHub Exploit DB Packet Storm