Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258341	4.7	警告	オラクル	-	Oracle Solaris における TCP/IP の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-2394	2010-08-3 19:20	2010-07-13	Show	GitHub Exploit DB Packet Storm

258342	4.9	警告	オラクル	-	Oracle Solaris における GigaSwift Ethernet ドライバの処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-2386	2010-08-3 19:20	2010-07-13	Show	GitHub Exploit DB Packet Storm

258343	5.6	警告	オラクル	-	Oracle Solaris における ZFS の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-2392	2010-08-3 19:20	2010-07-13	Show	GitHub Exploit DB Packet Storm

258344	6.2	警告	オラクル	-	Oracle Solaris における rdist の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-0916	2010-08-3 19:20	2010-07-13	Show	GitHub Exploit DB Packet Storm

258345	7.5	危険	OpenBSD FreeBSD オラクル NetBSD	-	複数の製品の ftpd におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-4247	2010-08-3 19:19	2008-09-25	Show	GitHub Exploit DB Packet Storm

258346	7.5	危険	ターボリナックス MySQL AB	-	MySQL で使用される yaSSL における複数のスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4484	2010-08-3 18:59	2009-12-30	Show	GitHub Exploit DB Packet Storm

258347	2.1	注意	オラクル	-	Oracle Database Server の Export コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0901	2010-08-2 19:32	2010-07-13	Show	GitHub Exploit DB Packet Storm

258348	2.6	注意	オラクル	-	Windows 上で稼働する Oracle Database Server の Network Layer コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0900	2010-08-2 19:32	2010-07-13	Show	GitHub Exploit DB Packet Storm

258349	4.3	警告	オラクル	-	Oracle Database Server の Application Express コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0892	2010-08-2 19:32	2010-07-13	Show	GitHub Exploit DB Packet Storm

258350	6	警告	オラクル	-	Oracle Database Server の Oracle OLAP コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0902	2010-08-2 19:31	2010-07-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219821	7.5	HIGH Network	oklok_project	oklok	The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwor…	CWE-613 CWE-307 Insufficient Session Expiration mproper Restriction of Excessive Authentication Attempts	CVE-2020-10876	2024-11-21 13:56	2020-05-4	Show	GitHub Exploit DB Packet Storm

219822	4.7	MEDIUM Local	torchbox	wagtail	In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password …	CWE-362 Race Condition	CVE-2020-11037	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219823	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the…	CWE-79 Cross-site Scripting	CVE-2020-11030	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219824	6.1	MEDIUM Network	debian wordpress	debian_linux wordpress	In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version …	CWE-79 Cross-site Scripting	CVE-2020-11029	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219825	7.5	HIGH Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.…	CWE-306 Missing Authentication for Critical Function	CVE-2020-11028	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219826	8.1	HIGH Network	debian wordpress	debian_linux wordpress	In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious part…	-	CVE-2020-11027	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219827	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user wit…	CWE-79 Cross-site Scripting	CVE-2020-11026	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219828	8.8	HIGH Network	intelmq_manager_project	intelmq_manager	IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of t…	CWE-78 OS Command	CVE-2020-11016	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219829	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated use…	CWE-79 Cross-site Scripting	CVE-2020-11025	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219830	9.1	CRITICAL Network	thinx-device-api_project	thinx-device-api	A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and …	-	CVE-2020-11015	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm