Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257481	10	危険	シスコシステムズ	-	Cisco IOS の PKI 機能における認証を回避される脆弱性	CWE-310 暗号の問題	CVE-2011-0935	2011-05-19 11:10	2011-04-14	Show	GitHub Exploit DB Packet Storm

257482	7.2	危険	IBM	-	IBM Lotus Domino のサーバコンソールにおける重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2011-1520	2011-05-19 11:08	2011-03-25	Show	GitHub Exploit DB Packet Storm

257483	10	危険	IBM	-	IBM Lotus Domino のリモートコンソールにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2011-1519	2011-05-19 11:06	2011-03-25	Show	GitHub Exploit DB Packet Storm

257484	4.3	警告	Apache Software Foundation Steinar H. Gunderson	-	Steinar H. Gunderson mpm-itk Multi-Processing Module における権限を取得される脆弱性	CWE-16 環境設定	CVE-2011-1176	2011-05-19 11:04	2011-03-29	Show	GitHub Exploit DB Packet Storm

257485	4.9	警告	IBM Apache Software Foundation アップルサイバートラスト株式会社ヒューレット・パッカードターボリナックスオラクルレッドハット	-	Apache HTTP Server における AllowOverride ディレクティブの処理に関する権限昇格の脆弱性	CWE-16 環境設定	CVE-2009-1195	2011-05-19 09:46	2009-05-28	Show	GitHub Exploit DB Packet Storm

257486	4.3	警告	KDE project レッドハット	-	KDE SC の Konqueror 内にある KHTMLPart::htmlError 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1168	2011-05-18 18:30	2011-04-21	Show	GitHub Exploit DB Packet Storm

257487	4.3	警告	KDE project レッドハット	-	kdelibs の kio/kio/tcpslavebase.cpp における任意の SSL サーバになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2011-1094	2011-05-18 18:26	2011-04-21	Show	GitHub Exploit DB Packet Storm

257488	5.8	警告	KDE project レッドハット	-	KDE SC の KGet 内にある KGetMetalink::File::isValidNameAttr 関数におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1586	2011-05-18 18:25	2011-04-21	Show	GitHub Exploit DB Packet Storm

257489	9.3	危険	アドビシステムズ	-	複数の Adobe 製品の CoolType ライブラリにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-0610	2011-05-18 18:24	2011-04-21	Show	GitHub Exploit DB Packet Storm

257490	5.5	警告	オラクル	-	Oracle PeopleSoft Enterprise HRMS における Global Payroll Core に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0861	2011-05-18 18:23	2011-04-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214001	5.4	MEDIUM Network	yzmcms	yzmcms	In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected wit…	CWE-79 Cross-site Scripting	CVE-2020-23370	2024-11-21 14:13	2021-05-11	Show	GitHub Exploit DB Packet Storm

214002	6.1	MEDIUM Network	yzmcms	yzmcms	In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3.	CWE-79 Cross-site Scripting	CVE-2020-23369	2024-11-21 14:13	2021-05-11	Show	GitHub Exploit DB Packet Storm

214003	7.8	HIGH Local	windscribe	windscribe	In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.	CWE-428 Unquoted Search Path or Element	CVE-2020-22809	2024-11-21 14:13	2021-05-10	Show	GitHub Exploit DB Packet Storm

214004	8.8	HIGH Network	fork-cms	fork_cms	Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.	CWE-352 Origin Validation Error	CVE-2020-23264	2024-11-21 14:13	2021-05-7	Show	GitHub Exploit DB Packet Storm

214005	6.1	MEDIUM Network	fork-cms	fork_cms	Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /…	CWE-79 Cross-site Scripting	CVE-2020-23263	2024-11-21 14:13	2021-05-7	Show	GitHub Exploit DB Packet Storm

214006	4.9	MEDIUM Network	chamilo	chamilo_lms	Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to …	CWE-269 Improper Privilege Management	CVE-2020-23128	2024-11-21 14:13	2021-05-6	Show	GitHub Exploit DB Packet Storm

214007	8.8	HIGH Network	chamilo	chamilo_lms	Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.	CWE-352 Origin Validation Error	CVE-2020-23127	2024-11-21 14:13	2021-05-6	Show	GitHub Exploit DB Packet Storm

214008	4.8	MEDIUM Network	solarwinds	serv-u_ftp_server serv-u_mft_server	SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.	CWE-79 Cross-site Scripting	CVE-2020-22428	2024-11-21 14:13	2021-05-5	Show	GitHub Exploit DB Packet Storm

214009	9.8	CRITICAL Network	guojusoft	jeecg	Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?common…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-23083	2024-11-21 14:13	2021-05-4	Show	GitHub Exploit DB Packet Storm

214010	6.1	MEDIUM Network	opnsense	opnsense	An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.	CWE-601 Open Redirect	CVE-2020-23015	2024-11-21 14:13	2021-05-4	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed