Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256321 9.3 危険 アドビシステムズ - Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2878 2010-09-13 15:45 2010-08-24 Show GitHub Exploit DB Packet Storm
256322 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2877 2010-09-13 15:45 2010-08-24 Show GitHub Exploit DB Packet Storm
256323 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2876 2010-09-13 15:44 2010-08-24 Show GitHub Exploit DB Packet Storm
256324 9.3 危険 アドビシステムズ - Adobe Shockwave Player における整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2010-2875 2010-09-13 15:44 2010-08-24 Show GitHub Exploit DB Packet Storm
256325 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2874 2010-09-13 15:44 2010-08-24 Show GitHub Exploit DB Packet Storm
256326 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2873 2010-09-13 15:43 2010-08-24 Show GitHub Exploit DB Packet Storm
256327 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2872 2010-09-10 15:17 2010-08-24 Show GitHub Exploit DB Packet Storm
256328 9.3 危険 アドビシステムズ - Adobe Shockwave Player の 3D オブジェクト関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-2871 2010-09-10 15:17 2010-08-24 Show GitHub Exploit DB Packet Storm
256329 9.3 危険 アドビシステムズ - Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-2870 2010-09-10 15:17 2010-08-24 Show GitHub Exploit DB Packet Storm
256330 9.3 危険 アドビシステムズ - Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-2869 2010-09-10 15:16 2010-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208101 5.3 MEDIUM
Network 		lightning_network_daemon_project lightning_network_daemon Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by an… CWE-354
 Improper Validation of Integrity Check Value 		CVE-2020-26895 2024-11-21 14:20 2020-10-21 Show GitHub Exploit DB Packet Storm
208102 6.1 MEDIUM
Network 		matrix synapse AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Syn… CWE-79
Cross-site Scripting 		CVE-2020-26891 2024-11-21 14:20 2020-10-20 Show GitHub Exploit DB Packet Storm
208103 9.8 CRITICAL
Network 		libtaxii_project
eclecticiq 		libtaxii
opentaxii 		TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the no_network setting is… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-27197 2024-11-21 14:20 2020-10-18 Show GitHub Exploit DB Packet Storm
208104 8.2 HIGH
Network 		lightning_network_daemon_project lightning_network_daemon Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. While claiming on-chain a received HTLC output, it didn't verify that the corresponding outgoing off-… CWE-354
 Improper Validation of Integrity Check Value 		CVE-2020-26896 2024-11-21 14:20 2020-10-21 Show GitHub Exploit DB Packet Storm
208105 5.5 MEDIUM
Local 		linux linux_kernel An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a. CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2020-27194 2024-11-21 14:20 2020-10-17 Show GitHub Exploit DB Packet Storm
208106 7.5 HIGH
Network 		apereo central_authentication_service Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication. NVD-CWE-noinfo
CVE-2020-27178 2024-11-21 14:20 2020-10-17 Show GitHub Exploit DB Packet Storm
208107 5.4 MEDIUM
Network 		testimonial_rotator_project testimonial_rotator Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php. If a user intercepts a request and inserts a payload in "cite" parameter, the payload will … CWE-79
Cross-site Scripting 		CVE-2020-26672 2024-11-21 14:20 2020-10-17 Show GitHub Exploit DB Packet Storm
208108 9.8 CRITICAL
Network 		aptean product_configurator An issue was discovered in Aptean Product Configurator 4.61.0000 on Windows. A Time based SQL injection affects the nameTxt parameter on the main login page (aka cse?cmd=LOGIN). This can be exploited… CWE-89
SQL Injection 		CVE-2020-26944 2024-11-21 14:20 2020-10-16 Show GitHub Exploit DB Packet Storm
208109 8.8 HIGH
Network 		libass_project libass In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow. CWE-190
 Integer Overflow or Wraparound 		CVE-2020-26682 2024-11-21 14:20 2020-10-16 Show GitHub Exploit DB Packet Storm
208110 7.8 HIGH
Local 		clamxav clamxav An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper to… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2020-26893 2024-11-21 14:20 2020-10-16 Show GitHub Exploit DB Packet Storm