Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255921	4.3	警告	サイバートラスト株式会社 LibTIFF レッドハット	-	x86_64 プラットフォーム上で稼動する RHEL の LibTIFF におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-2598	2010-08-24 13:44	2010-07-8	Show	GitHub Exploit DB Packet Storm

255922	6.8	警告	アップルサイバートラスト株式会社 LibTIFF レッドハット	-	LibTIFF の FAX3 デコーダの Fax3SetupState 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1411	2010-08-24 13:44	2010-06-10	Show	GitHub Exploit DB Packet Storm

255923	2.6	注意	アップル	-	Apple Safari の AutoFill 機能におけるアドレスブックカードの情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-1796	2010-08-20 18:24	2010-07-30	Show	GitHub Exploit DB Packet Storm

255924	4.3	警告	アップル	-	Apple Safari におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1778	2010-08-20 18:24	2010-07-30	Show	GitHub Exploit DB Packet Storm

255925	7.5	危険	金子勇	-	Winny におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2360	2010-08-20 12:02	2010-08-20	Show	GitHub Exploit DB Packet Storm

255926	7.5	危険	金子勇	-	Winny におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2360	2010-08-20 12:02	2010-08-20	Show	GitHub Exploit DB Packet Storm

255927	5	警告	金子勇	-	Winny におけるノード情報の処理に関する脆弱性	CWE-Other その他	CVE-2010-2362	2010-08-20 12:01	2010-08-20	Show	GitHub Exploit DB Packet Storm

255928	5	警告	金子勇	-	Winny における BBS 情報の処理に関する脆弱性	CWE-Other その他	CVE-2010-2361	2010-08-20 12:01	2010-08-20	Show	GitHub Exploit DB Packet Storm

255929	10	危険	シマンテック IBM	-	Autonomy KeyView Filter SDK の kvolefio.dll における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-3032	2010-08-19 18:22	2010-03-5	Show	GitHub Exploit DB Packet Storm

255930	5	警告	The PHP Group	-	PHP の phar 拡張における重要な情報を取得される脆弱性	CWE-134 書式文字列の問題	CVE-2010-2094	2010-08-18 18:26	2010-05-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213201	4.8	MEDIUM Network	gitlab	gitlab	GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin notification feature.	CWE-79 Cross-site Scripting	CVE-2020-12276	2024-11-21 13:59	2020-04-30	Show	GitHub Exploit DB Packet Storm

213202	5.3	MEDIUM Network	gitlab	gitlab	GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API.	NVD-CWE-noinfo	CVE-2020-12275	2024-11-21 13:59	2020-04-30	Show	GitHub Exploit DB Packet Storm

213203	5.5	MEDIUM Local	grafana fedoraproject	grafana fedora	In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world reada…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-12459	2024-11-21 13:59	2020-04-30	Show	GitHub Exploit DB Packet Storm

213204	5.5	MEDIUM Local	grafana redhat fedoraproject	grafana ceph_storage enterprise_linux fedora	An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposur…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-12458	2024-11-21 13:59	2020-04-30	Show	GitHub Exploit DB Packet Storm

213205	7.8	HIGH Local	gskill	trident_z_lighting_control	The ene.sys driver in G.SKILL Trident Z Lighting Control through 1.00.08 exposes mapping and un-mapping of physical memory, reading and writing to Model Specific Register (MSR) registers, and input f…	NVD-CWE-noinfo	CVE-2020-12446	2024-11-21 13:59	2020-04-29	Show	GitHub Exploit DB Packet Storm

213206	6.2	MEDIUM Network	gigamon	gigavue	An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-12252	2024-11-21 13:59	2020-04-29	Show	GitHub Exploit DB Packet Storm

213207	2.2	LOW Network	gigamon	gigavue	An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve dir…	CWE-22 Path Traversal	CVE-2020-12251	2024-11-21 13:59	2020-04-29	Show	GitHub Exploit DB Packet Storm

213208	8.8	HIGH Network	beeline	smart_box_firmware	Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute tra…	CWE-78 OS Command	CVE-2020-12246	2024-11-21 13:59	2020-04-29	Show	GitHub Exploit DB Packet Storm

213209	7.5	HIGH Network	onkyo	tx-nr585_firmware	A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal, as d…	CWE-22 Path Traversal	CVE-2020-12447	2024-11-21 13:59	2020-04-29	Show	GitHub Exploit DB Packet Storm

213210	9.8	CRITICAL Network	bigbluebutton	bigbluebutton	BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename (lowercase) value can be a .pdf filename while the presFilename (mixed case) value has a ../ sequen…	CWE-22 Path Traversal	CVE-2020-12443	2024-11-21 13:59	2020-04-29	Show	GitHub Exploit DB Packet Storm