Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256391 9.3 危険 アドビシステムズ - Adobe Shockwave Player の Font Xtra.x32 モジュールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0569 2011-03-17 15:37 2011-02-8 Show GitHub Exploit DB Packet Storm
256392 9.3 危険 アドビシステムズ - Adobe Shockwave Player における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-0557 2011-03-17 08:38 2011-02-8 Show GitHub Exploit DB Packet Storm
256393 9.3 危険 アドビシステムズ - Adobe Shockwave Player の Font Xtra.x32 モジュールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0556 2011-03-17 08:37 2011-02-8 Show GitHub Exploit DB Packet Storm
256394 9.3 危険 アドビシステムズ - Adobe Shockwave Player の TextXtra.x32 モジュールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0555 2011-03-17 08:37 2011-02-8 Show GitHub Exploit DB Packet Storm
256395 9.3 危険 アドビシステムズ - Adobe Shockwave Player におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4307 2011-03-17 08:36 2011-02-8 Show GitHub Exploit DB Packet Storm
256396 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-4306 2011-03-17 08:36 2011-02-8 Show GitHub Exploit DB Packet Storm
256397 9.3 危険 アドビシステムズ - Adobe Shockwave Player の Shockwave 3d Asset モジュールにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4196 2011-03-17 08:36 2011-02-8 Show GitHub Exploit DB Packet Storm
256398 7.5 危険 アップル
VMware
サン・マイクロシステムズ
ヒューレット・パッカード
レッドハット		 - 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0849 2011-03-17 08:18 2010-03-30 Show GitHub Exploit DB Packet Storm
256399 7.5 危険 アップル
VMware
サン・マイクロシステムズ
ヒューレット・パッカード
レッドハット		 - 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0848 2011-03-17 08:18 2010-03-30 Show GitHub Exploit DB Packet Storm
256400 7.5 危険 サン・マイクロシステムズ
VMware		 - 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0850 2011-03-17 08:17 2010-03-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211651 3.8 LOW
Physics 		nuvoton npct75x_firmware An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECD… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-25082 2024-11-21 14:17 2021-08-11 Show GitHub Exploit DB Packet Storm
211652 7.2 HIGH
Network 		mimosa b5_firmware
b5c_firmware
c5c_firmware 		The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to… CWE-78
OS Command  		CVE-2020-25206 2024-11-21 14:17 2021-07-21 Show GitHub Exploit DB Packet Storm
211653 6.1 MEDIUM
Network 		mimosa b5_firmware
b5c_firmware
c5c_firmware 		The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 is vulnerable to stored XSS in the set_banner() function of /var/www/core/controller/index.php. An unauthenticated attacker may se… CWE-79
Cross-site Scripting 		CVE-2020-25205 2024-11-21 14:17 2021-07-21 Show GitHub Exploit DB Packet Storm
211654 7.8 HIGH
Local 		bookingcore booking_core The “Subscribe” feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a re… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-25445 2024-11-21 14:17 2021-07-15 Show GitHub Exploit DB Packet Storm
211655 5.4 MEDIUM
Network 		bookingcore booking_core Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself” section under the “My Profile” page, " (2) “Hotel Policy” field unde… CWE-79
Cross-site Scripting 		CVE-2020-25444 2024-11-21 14:17 2021-07-15 Show GitHub Exploit DB Packet Storm
211656 5.4 MEDIUM
Network 		mozilo mozilocms A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter. CWE-79
Cross-site Scripting 		CVE-2020-25394 2024-11-21 14:17 2021-07-10 Show GitHub Exploit DB Packet Storm
211657 5.4 MEDIUM
Network 		cszcms csz_cms A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'New Article' field under the 'Article' pl… CWE-79
Cross-site Scripting 		CVE-2020-25392 2024-11-21 14:17 2021-07-10 Show GitHub Exploit DB Packet Storm
211658 5.4 MEDIUM
Network 		cszcms csz_cms A cross site scripting vulnerability in CSZ CMS 1.2.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'New Pages' field under the 'Pages Content' modu… CWE-79
Cross-site Scripting 		CVE-2020-25391 2024-11-21 14:17 2021-07-10 Show GitHub Exploit DB Packet Storm
211659 9.8 CRITICAL
Network 		monstra monstra A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2020-25414 2024-11-21 14:17 2021-06-18 Show GitHub Exploit DB Packet Storm
211660 7.5 HIGH
Network 		online_shopping_alphaware_project online_shopping_alphaware The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve al… CWE-89
SQL Injection 		CVE-2020-25362 2024-11-21 14:17 2021-06-3 Show GitHub Exploit DB Packet Storm