Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256881 5 警告 有限会社シースリー - WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0348 2010-01-12 15:01 2010-01-12 Show GitHub Exploit DB Packet Storm
256882 4.3 警告 有限会社シースリー - WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0349 2010-01-12 15:00 2010-01-12 Show GitHub Exploit DB Packet Storm
256883 10 危険 サイバートラスト株式会社
XEmacs		 - XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2688 2010-01-12 14:48 2009-08-5 Show GitHub Exploit DB Packet Storm
256884 6.8 警告 IBM - IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-2746 2010-01-12 14:48 2009-11-13 Show GitHub Exploit DB Packet Storm
256885 5 警告 アップル - Apple Safari におけるローカル HTML ファイルを読まれる脆弱性 CWE-Other
その他 		CVE-2009-2842 2010-01-7 12:09 2009-11-11 Show GitHub Exploit DB Packet Storm
256886 5.5 警告 シックス・アパート株式会社 - Movable Type におけるアクセス制限回避の脆弱性 CWE-264
認可・権限・アクセス制御 		- 2010-01-6 15:01 2010-01-6 Show GitHub Exploit DB Packet Storm
256887 9.3 危険 マイクロソフト - Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3135 2010-01-6 14:44 2009-11-10 Show GitHub Exploit DB Packet Storm
256888 5 警告 トレンドマイクロ
日本電気
Apache Software Foundation
富士通
サイバートラスト株式会社
サン・マイクロシステムズ
ヒューレット・パッカード
レッドハット		 - Apache Tomcat の Apache HTTP Server との組合せによるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-0450 2010-01-6 14:43 2007-03-16 Show GitHub Exploit DB Packet Storm
256889 9.3 危険 マイクロソフト - Microsoft Office Excel および Open XML File Format Converter におけるオブジェクトを含むスプレッドシートの処理に関する任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3133 2010-01-5 16:18 2009-11-10 Show GitHub Exploit DB Packet Storm
256890 9.3 危険 マイクロソフト - Microsoft Office Excel および Open XML File Format Converter における BIFF レコードの処理に関する任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-3130 2010-01-5 16:18 2009-11-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211061 7.5 HIGH
Network 		openvpn
fedoraproject
canonical
debian 		openvpn
fedora
ubuntu_linux
debian_linux 		OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentia… CWE-306
Missing Authentication for Critical Function 		CVE-2020-15078 2024-11-21 14:04 2021-04-26 Show GitHub Exploit DB Packet Storm
211062 7.1 HIGH
Local 		openvpn connect OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp. CWE-59
Link Following 		CVE-2020-15075 2024-11-21 14:04 2021-03-30 Show GitHub Exploit DB Packet Storm
211063 6.5 MEDIUM
Network 		bloomreach experience_manager An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended. CWE-352
 Origin Validation Error 		CVE-2020-14989 2024-11-21 14:04 2021-03-12 Show GitHub Exploit DB Packet Storm
211064 5.4 MEDIUM
Network 		bloomreach experience_manager An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute of HTML ele… CWE-79
Cross-site Scripting 		CVE-2020-14988 2024-11-21 14:04 2021-03-12 Show GitHub Exploit DB Packet Storm
211065 7.2 HIGH
Network 		bloomreach experience_manager An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for adminis… CWE-74
CWE-862
Injection
 Missing Authorization 		CVE-2020-14987 2024-11-21 14:04 2021-03-12 Show GitHub Exploit DB Packet Storm
211066 9.1 CRITICAL
Network 		loklak_project loklak loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. A… - CVE-2020-15097 2024-11-21 14:04 2021-02-3 Show GitHub Exploit DB Packet Storm
211067 9.8 CRITICAL
Network 		oracle utilities_framework
coherence 		Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1… NVD-CWE-noinfo
CVE-2020-14756 2024-11-21 14:04 2021-01-21 Show GitHub Exploit DB Packet Storm
211068 4.7 MEDIUM
Network 		oracle cloud_infrastructure_identity_and_access_management Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access … NVD-CWE-noinfo
CVE-2020-14874 2024-11-21 14:04 2020-12-23 Show GitHub Exploit DB Packet Storm
211069 5.9 MEDIUM
Network 		askey ap5100w_firmware Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exc… CWE-330
 Use of Insufficiently Random Values 		CVE-2020-15023 2024-11-21 14:04 2020-12-12 Show GitHub Exploit DB Packet Storm
211070 9.8 CRITICAL
Network 		oracle fusion_middleware Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.… NVD-CWE-noinfo
CVE-2020-14750 2024-11-21 14:04 2020-11-3 Show GitHub Exploit DB Packet Storm