Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256661 7.8 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0242 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
256662 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0241 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
256663 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0240 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
256664 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0239 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
256665 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0017 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
256666 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0016 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
256667 5 警告 日立 - uCosminexus Portal Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-02-26 11:36 2010-01-29 Show GitHub Exploit DB Packet Storm
256668 2.6 注意 tDiary開発プロジェクト - tDiary 付属のプラグイン tb-send.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0726 2010-02-25 15:03 2010-02-25 Show GitHub Exploit DB Packet Storm
256669 4.3 警告 サン・マイクロシステムズ - Sun ONE/iPlanet Web Server における HTTP リクエストを非表示にされる脆弱性 CWE-Other
その他 		CVE-2003-1578 2010-02-25 12:36 2003-11-14 Show GitHub Exploit DB Packet Storm
256670 2.6 注意 サン・マイクロシステムズ - Sun ONE/iPlanet Web Server におけるログファイルに任意のテキストを挿入される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2003-1577 2010-02-25 12:36 2003-11-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208561 7.5 HIGH
Network 		otrs
opensuse
debian 		otrs
leap
backports_sle
debian_linux 		It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue… NVD-CWE-noinfo
CVE-2020-1772 2024-11-21 14:11 2020-03-27 Show GitHub Exploit DB Packet Storm
208562 5.4 MEDIUM
Network 		otrs otrs Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter enc… CWE-79
Cross-site Scripting 		CVE-2020-1771 2024-11-21 14:11 2020-03-27 Show GitHub Exploit DB Packet Storm
208563 4.3 MEDIUM
Network 		otrs
opensuse
debian 		otrs
leap
backports_sle
debian_linux 		Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior … CWE-200
Information Exposure 		CVE-2020-1770 2024-11-21 14:11 2020-03-27 Show GitHub Exploit DB Packet Storm
208564 4.3 MEDIUM
Network 		otrs
opensuse 		otrs
leap
backports_sle 		In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0… NVD-CWE-noinfo
CVE-2020-1769 2024-11-21 14:11 2020-03-27 Show GitHub Exploit DB Packet Storm
208565 7.8 HIGH
Local 		huawei p30_firmware HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unau… NVD-CWE-noinfo
CVE-2020-1800 2024-11-21 14:11 2020-03-27 Show GitHub Exploit DB Packet Storm
208566 8.6 HIGH
Network 		kiali
redhat 		kiali
openshift_service_mesh 		A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT sign… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-1764 2024-11-21 14:11 2020-03-26 Show GitHub Exploit DB Packet Storm
208567 9.8 CRITICAL
Network 		apache
debian 		shiro
debian_linux 		Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. NVD-CWE-noinfo
CVE-2020-1957 2024-11-21 14:11 2020-03-26 Show GitHub Exploit DB Packet Storm
208568 9.8 CRITICAL
Network 		pyyaml
fedoraproject
opensuse
oracle 		pyyaml
fedora
leap
communications_cloud_native_core_network_function_cloud_native_environment 		A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method … - CVE-2020-1747 2024-11-21 14:11 2020-03-25 Show GitHub Exploit DB Packet Storm
208569 5.6 MEDIUM
Network 		redhat keycloak A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the b… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2020-1744 2024-11-21 14:11 2020-03-24 Show GitHub Exploit DB Packet Storm
208570 9.8 CRITICAL
Network 		apache
debian 		traffic_server
debian_linux 		There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.… CWE-444
HTTP Request Smuggling 		CVE-2020-1944 2024-11-21 14:11 2020-03-24 Show GitHub Exploit DB Packet Storm