Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256831 9 危険 マイクロソフト - Microsoft Windows の SMB 実装における任意のコードを実行される脆弱性 CWE-20
CWE-94
CVE-2010-0020 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
256832 6.9 警告 マイクロソフト - Microsoft Windows の Client/Server Run-time Subsystem における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0023 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
256833 4 警告 マイクロソフト - Microsoft Windows の Hyper-V サーバ実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0026 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
256834 9.3 危険 日本電気
アップル
富士通
古河電気工業
ヒューレット・パッカード
インターネットイニシアティブ
アラクサラネットワークス
日立		 - IPv6 NDP 実装における Neighbor Discovery メッセージの送信元検証処理に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2476 2010-03-3 11:43 2008-10-3 Show GitHub Exploit DB Packet Storm
256835 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0034 2010-03-2 11:29 2010-02-9 Show GitHub Exploit DB Packet Storm
256836 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0033 2010-03-2 11:28 2010-02-9 Show GitHub Exploit DB Packet Storm
256837 9.3 危険 マイクロソフト - Microsoft Office PowerPoint における任意のコードを実行される脆弱性 CWE-94
CWE-Other
CVE-2010-0032 2010-03-2 11:28 2010-02-9 Show GitHub Exploit DB Packet Storm
256838 9.3 危険 マイクロソフト - Microsoft Office PowerPoint における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0031 2010-03-2 11:27 2010-02-9 Show GitHub Exploit DB Packet Storm
256839 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0030 2010-03-2 11:27 2010-02-9 Show GitHub Exploit DB Packet Storm
256840 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0029 2010-03-2 11:26 2010-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213681 8.8 HIGH
Network 		gogogate ismartgate_pro_firmware iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.) CWE-352
 Origin Validation Error 		CVE-2020-12282 2024-11-21 13:59 2020-09-25 Show GitHub Exploit DB Packet Storm
213682 6.5 MEDIUM
Network 		gogogate ismartgate_pro_firmware iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. CWE-352
 Origin Validation Error 		CVE-2020-12281 2024-11-21 13:59 2020-09-25 Show GitHub Exploit DB Packet Storm
213683 6.5 MEDIUM
Network 		gogogate ismartgate_pro_firmware iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. CWE-352
 Origin Validation Error 		CVE-2020-12280 2024-11-21 13:59 2020-09-25 Show GitHub Exploit DB Packet Storm
213684 7.2 HIGH
Network 		apache syncope In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, inclu… NVD-CWE-noinfo
CVE-2020-11977 2024-11-21 13:59 2020-09-16 Show GitHub Exploit DB Packet Storm
213685 7.5 HIGH
Network 		apache cocoon When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system. CWE-611
XXE 		CVE-2020-11991 2024-11-21 13:59 2020-09-11 Show GitHub Exploit DB Packet Storm
213686 9.8 CRITICAL
Network 		apache
oracle 		activemq
flexcube_private_banking
enterprise_repository
communications_diameter_signaling_router
communications_element_manager
communications_session_route_manager
communications_s… 		A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it l… NVD-CWE-noinfo
CVE-2020-11998 2024-11-21 13:59 2020-09-11 Show GitHub Exploit DB Packet Storm
213687 9.8 CRITICAL
Network 		apache netbeans To be able to analyze gradle projects, the build scripts need to be executed. Apache NetBeans follows this pattern. This causes the code of the build script to be invoked at load time of the project.… NVD-CWE-noinfo
CVE-2020-11986 2024-11-21 13:59 2020-09-10 Show GitHub Exploit DB Packet Storm
213688 8.8 HIGH
Network 		foxitsoftware phantompdf
reader 		In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled. CWE-787
 Out-of-bounds Write 		CVE-2020-12248 2024-11-21 13:59 2020-09-4 Show GitHub Exploit DB Packet Storm
213689 7.1 HIGH
Local 		foxitsoftware phantompdf
reader 		In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after… CWE-125
Out-of-bounds Read 		CVE-2020-12247 2024-11-21 13:59 2020-09-4 Show GitHub Exploit DB Packet Storm
213690 6.1 MEDIUM
Network 		oscommerce ce_phoenix Several XSS vulnerabilities in osCommerce CE Phoenix before 1.0.6.0 allow an attacker to inject and execute arbitrary JavaScript code. The malicious code can be injected as follows: the page paramete… CWE-79
Cross-site Scripting 		CVE-2020-12058 2024-11-21 13:59 2020-09-3 Show GitHub Exploit DB Packet Storm