Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258611	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3650	2011-02-2 15:06	2010-11-4	Show	GitHub Exploit DB Packet Storm

258612	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3649	2011-02-2 15:06	2010-11-4	Show	GitHub Exploit DB Packet Storm

258613	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3648	2011-02-2 15:06	2010-11-4	Show	GitHub Exploit DB Packet Storm

258614	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3647	2011-02-2 15:05	2010-11-4	Show	GitHub Exploit DB Packet Storm

258615	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3646	2011-02-2 15:05	2010-11-4	Show	GitHub Exploit DB Packet Storm

258616	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3645	2011-02-2 15:05	2010-11-4	Show	GitHub Exploit DB Packet Storm

258617	10	危険	アドバンテック株式会社	-	Advantech Studio Test Web Server にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0488	2011-02-2 15:00	2011-01-13	Show	GitHub Exploit DB Packet Storm

258618	10	危険	WellinTech	-	WellinTech KingView 6.53 にヒープオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0406	2011-02-2 14:59	2011-01-13	Show	GitHub Exploit DB Packet Storm

258619	6.8	警告	PNG Development Group	-	libpng 1.5.0 の png_set_rgb_to_gray() 関数に脆弱性	CWE-189 数値処理の問題	CVE-2011-0408	2011-02-2 14:59	2011-01-12	Show	GitHub Exploit DB Packet Storm

258620	5	警告	PolyVision	-	PolyVision RoomWizard に脆弱性	CWE-200 情報漏えい	CVE-2010-0214	2011-02-2 14:59	2011-01-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214001	5.4	MEDIUM Network	yzmcms	yzmcms	In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected wit…	CWE-79 Cross-site Scripting	CVE-2020-23370	2024-11-21 14:13	2021-05-11	Show	GitHub Exploit DB Packet Storm

214002	6.1	MEDIUM Network	yzmcms	yzmcms	In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3.	CWE-79 Cross-site Scripting	CVE-2020-23369	2024-11-21 14:13	2021-05-11	Show	GitHub Exploit DB Packet Storm

214003	7.8	HIGH Local	windscribe	windscribe	In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.	CWE-428 Unquoted Search Path or Element	CVE-2020-22809	2024-11-21 14:13	2021-05-10	Show	GitHub Exploit DB Packet Storm

214004	8.8	HIGH Network	fork-cms	fork_cms	Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.	CWE-352 Origin Validation Error	CVE-2020-23264	2024-11-21 14:13	2021-05-7	Show	GitHub Exploit DB Packet Storm

214005	6.1	MEDIUM Network	fork-cms	fork_cms	Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /…	CWE-79 Cross-site Scripting	CVE-2020-23263	2024-11-21 14:13	2021-05-7	Show	GitHub Exploit DB Packet Storm

214006	4.9	MEDIUM Network	chamilo	chamilo_lms	Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to …	CWE-269 Improper Privilege Management	CVE-2020-23128	2024-11-21 14:13	2021-05-6	Show	GitHub Exploit DB Packet Storm

214007	8.8	HIGH Network	chamilo	chamilo_lms	Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.	CWE-352 Origin Validation Error	CVE-2020-23127	2024-11-21 14:13	2021-05-6	Show	GitHub Exploit DB Packet Storm

214008	4.8	MEDIUM Network	solarwinds	serv-u_ftp_server serv-u_mft_server	SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.	CWE-79 Cross-site Scripting	CVE-2020-22428	2024-11-21 14:13	2021-05-5	Show	GitHub Exploit DB Packet Storm

214009	9.8	CRITICAL Network	guojusoft	jeecg	Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?common…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-23083	2024-11-21 14:13	2021-05-4	Show	GitHub Exploit DB Packet Storm

214010	6.1	MEDIUM Network	opnsense	opnsense	An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.	CWE-601 Open Redirect	CVE-2020-23015	2024-11-21 14:13	2021-05-4	Show	GitHub Exploit DB Packet Storm