Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256541 9.3 危険 マイクロソフト - Microsoft Internet Explorer において任意のコードが実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0249 2010-02-19 14:21 2010-01-15 Show GitHub Exploit DB Packet Storm
256542 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0227 2010-02-19 11:37 2008-01-10 Show GitHub Exploit DB Packet Storm
256543 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL における複数のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0226 2010-02-19 11:32 2008-01-10 Show GitHub Exploit DB Packet Storm
256544 7.5 危険 Linux
レッドハット		 - Linux kernel の do_coredump 関数における任意のファイルを改ざんされる脆弱性 - CVE-2006-6304 2010-02-18 14:28 2006-12-14 Show GitHub Exploit DB Packet Storm
256545 7.8 危険 Linux
レッドハット		 - Linux kernel の net/ipv4/route.c 用の特定のレッドハットパッチにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4272 2010-02-18 14:28 2010-01-19 Show GitHub Exploit DB Packet Storm
256546 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4248 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
256547 9.3 危険 リアルネットワークス - Realnetworks RealPlayer における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4246 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
256548 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer の smlrender.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4257 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
256549 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4245 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
256550 9.3 危険 リアルネットワークス - Realnetworks RealPlayer における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4244 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212711 7.8 HIGH
Local 		microweber microweber Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User scr… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-13241 2024-11-21 14:00 2020-05-21 Show GitHub Exploit DB Packet Storm
212712 7.5 HIGH
Network 		gitea gitea An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another. CWE-667
 Improper Locking 		CVE-2020-13246 2024-11-21 14:00 2020-05-21 Show GitHub Exploit DB Packet Storm
212713 5.4 MEDIUM
Network 		dolibarr dolibarr_erp\/crm The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mec… CWE-668
CWE-276
 Exposure of Resource to Wrong Sphere
Incorrect Default Permissions  		CVE-2020-13240 2024-11-21 14:00 2020-05-21 Show GitHub Exploit DB Packet Storm
212714 5.4 MEDIUM
Network 		dolibarr dolibarr_erp\/crm The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS. CWE-79
Cross-site Scripting 		CVE-2020-13239 2024-11-21 14:00 2020-05-21 Show GitHub Exploit DB Packet Storm
212715 6.5 MEDIUM
Network 		cacti
fedoraproject 		cacti
fedora 		In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. CWE-352
 Origin Validation Error 		CVE-2020-13231 2024-11-21 14:00 2020-05-20 Show GitHub Exploit DB Packet Storm
212716 4.3 MEDIUM
Network 		cacti
debian
fedoraproject 		cacti
debian_linux
fedora 		In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). CWE-281
 Improper Preservation of Permissions 		CVE-2020-13230 2024-11-21 14:00 2020-05-20 Show GitHub Exploit DB Packet Storm
212717 5.5 MEDIUM
Local 		kde amarok A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time,… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-13152 2024-11-21 14:00 2020-05-20 Show GitHub Exploit DB Packet Storm
212718 9.8 CRITICAL
Network 		smartbear readyapi An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into th… CWE-502
 Deserialization of Untrusted Data 		CVE-2020-12835 2024-11-21 14:00 2020-05-20 Show GitHub Exploit DB Packet Storm
212719 9.8 CRITICAL
Network 		wso2 api_manager WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-13226 2024-11-21 14:00 2020-05-20 Show GitHub Exploit DB Packet Storm
212720 4.8 MEDIUM
Network 		phpipam phpipam phpIPAM 1.4 contains a stored cross site scripting (XSS) vulnerability within the Edit User Instructions field of the User Instructions widget. CWE-79
Cross-site Scripting 		CVE-2020-13225 2024-11-21 14:00 2020-05-20 Show GitHub Exploit DB Packet Storm