Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 20, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257111	9.3	危険	サン・マイクロシステムズサイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla NSS の正規表現の解析における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2404	2011-05-9 11:11	2009-08-1	Show	GitHub Exploit DB Packet Storm

257112	7.5	危険	アップルサイバートラスト株式会社 xmlsoft.org レッドハットオラクル	-	libxslt の pattern.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1767	2011-05-9 11:07	2008-05-21	Show	GitHub Exploit DB Packet Storm

257113	9.3	危険	レッドハット GNOME Project オラクル	-	Evolution の iCalendar 添付ファイルの処理に関するヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1109	2011-05-9 11:04	2008-06-4	Show	GitHub Exploit DB Packet Storm

257114	7.6	危険	レッドハット GNOME Project オラクル	-	Evolution のタイムゾーン処理に関するバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1108	2011-05-9 10:51	2008-06-4	Show	GitHub Exploit DB Packet Storm

257115	2.6	注意	レッドハットオラクル	-	gedit の不正なファイル名の処理によるフォーマットストリングの脆弱性	-	CVE-2005-1686	2011-05-9 10:49	2005-05-24	Show	GitHub Exploit DB Packet Storm

257116	7.8	危険	シスコシステムズ	-	Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4683	2011-05-9 10:22	2011-01-7	Show	GitHub Exploit DB Packet Storm

257117	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1234	2011-05-6 11:28	2011-04-12	Show	GitHub Exploit DB Packet Storm

257118	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0675	2011-05-6 11:27	2011-04-12	Show	GitHub Exploit DB Packet Storm

257119	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0674	2011-05-6 11:27	2011-04-12	Show	GitHub Exploit DB Packet Storm

257120	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0672	2011-05-6 11:26	2011-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219131	6.5	MEDIUM Network	maxum	rumpus	An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.	CWE-22 Path Traversal	CVE-2020-12737	2024-11-21 14:00	2020-05-9	Show	GitHub Exploit DB Packet Storm

219132	5.5	MEDIUM Local	avira	free_antivirus	Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials sto…	NVD-CWE-noinfo	CVE-2020-12680	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219133	9.8	CRITICAL Network	domainmod	domainmod	reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.	CWE-331 Insufficient Entropy	CVE-2020-12735	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219134	9.8	CRITICAL Network	vbulletin	vbulletin	vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.	CWE-89 CWE-306 SQL Injection Missing Authentication for Critical Function	CVE-2020-12720	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219135	7.2	HIGH Network	wso2	identity_server_analytics identity_server identity_server_as_key_manager enterprise_integrator api_microgateway api_manager_analytics api_manager	XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0…	CWE-611 XXE	CVE-2020-12719	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219136	5.4	MEDIUM Network	php-fusion	php-fusion	In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypass…	CWE-79 Cross-site Scripting	CVE-2020-12718	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219137	6.1	MEDIUM Network	php-fusion	php-fusion	Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. N…	CWE-79 Cross-site Scripting	CVE-2020-12708	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219138	6.1	MEDIUM Network	lepton-cms	lepton_cms	An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious a…	CWE-79 Cross-site Scripting	CVE-2020-12707	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219139	5.4	MEDIUM Network	php-fusion	php-fusion	Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_…	CWE-79 Cross-site Scripting	CVE-2020-12706	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

219140	6.1	MEDIUM Network	lepton-cms	leptoncms	Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0.	CWE-79 Cross-site Scripting	CVE-2020-12705	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm