Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257131	5.8	警告	サン・マイクロシステムズ GNOME Project レッドハット	-	Evolution Data Server (別名 evolution-data-server) の ntlm_challenge 関数におけるプロセスメモリ情報の漏洩またはサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-0582	2010-05-14 18:37	2009-03-14	Show	GitHub Exploit DB Packet Storm

257132	1.2	注意	日本電気サイバートラスト株式会社サン・マイクロシステムズターボリナックス OpenSSL Project レッドハット	-	RSA key reconstruction vulnerability	-	CVE-2007-3108	2010-05-14 18:37	2007-08-16	Show	GitHub Exploit DB Packet Storm

257133	5	警告	ヒューレット・パッカードサイバートラスト株式会社 OpenSSL Project ターボリナックスレッドハット	-	OpenSSL の zlib_stateful_finish 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-4355	2010-05-13 17:21	2010-01-13	Show	GitHub Exploit DB Packet Storm

257134	9.3	危険	日立	-	XMAP3 における任意のコードが実行される脆弱性	CWE-noinfo 情報不足	-	2010-05-13 15:14	2010-04-12	Show	GitHub Exploit DB Packet Storm

257135	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Plan In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0863	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

257136	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Place In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0864	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

257137	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0862	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

257138	4.3	警告	オラクル	-	Oracle Industry Product Suite の Life Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0875	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

257139	4.3	警告	オラクル	-	Oracle Industry Product Suite の Life Sciences - Oracle Clinical Remote Data Capture Option コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0876	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

257140	4.3	警告	オラクル	-	Oracle Industry Product Suite の Communications - Oracle Communications Unified Inventory Management コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0874	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211271	7.7	HIGH Network	halo	halo	There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the background allows a user, when deleting their backup files, to delete any files on the system through direct…	CWE-22 Path Traversal	CVE-2020-21527	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211272	9.8	CRITICAL Network	halo	halo	An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith func…	CWE-22 Path Traversal	CVE-2020-21526	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211273	7.5	HIGH Network	halo	halo	Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function …	CWE-22 Path Traversal	CVE-2020-21525	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211274	9.1	CRITICAL Network	halo	halo	There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not …	CWE-611 XXE	CVE-2020-21524	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211275	9.8	CRITICAL Network	halo	halo	A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arb…	CWE-74 Injection	CVE-2020-21523	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211276	9.8	CRITICAL Network	halo	halo	An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and …	CWE-22 Path Traversal	CVE-2020-21522	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211277	4.9	MEDIUM Network	frontaccounting	frontaccounting	An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/inst_lang.php.	CWE-22 Path Traversal	CVE-2020-21244	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211278	9.8	CRITICAL Network	metinfo	metinfo	An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI.	CWE-89 SQL Injection	CVE-2020-20800	2024-11-21 14:12	2020-10-1	Show	GitHub Exploit DB Packet Storm

211279	5.4	MEDIUM Network	elementor	elementor_page_builder	A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom a…	CWE-79 Cross-site Scripting	CVE-2020-20406	2024-11-21 14:12	2020-09-17	Show	GitHub Exploit DB Packet Storm

211280	6.1	MEDIUM Network	codoforum	codoforum	Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.'	CWE-79 Cross-site Scripting	CVE-2020-21845	2024-11-21 14:12	2020-09-15	Show	GitHub Exploit DB Packet Storm