Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259481	6.8	警告	ヒューレット・パッカード	-	HP HP-UX の Software Distributor における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-2712	2010-09-15 17:18	2010-08-25	Show	GitHub Exploit DB Packet Storm

259482	6	警告	レッドハット	-	Red Hat Enterprise Linux の gdm におけるアクセス制限を回避される脆弱性	CWE-DesignError	CVE-2007-5079	2010-09-15 17:18	2007-09-25	Show	GitHub Exploit DB Packet Storm

259483	9.3	危険	ImageMagick GraphicsMagick レッドハット	-	ImageMagick および GraphicsMagick の XMakeImage 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1882	2010-09-15 17:17	2009-06-2	Show	GitHub Exploit DB Packet Storm

259484	3.3	注意	レッドハット	-	Firefox の SPICE プラグインにおける任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2010-2794	2010-09-15 17:17	2010-08-25	Show	GitHub Exploit DB Packet Storm

259485	3.3	注意	レッドハット	-	Firefox の SPICE プラグインにおける重要な情報を取得される脆弱性	CWE-362 競合状態	CVE-2010-2792	2010-09-15 17:13	2010-08-25	Show	GitHub Exploit DB Packet Storm

259486	1.9	注意	シトリックス・システムズ	-	Citrix XenServer におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2010-2619	2010-09-14 15:55	2010-06-17	Show	GitHub Exploit DB Packet Storm

259487	4.6	警告	シトリックス・システムズ	-	Citrix XenServer における認証を回避され Xen API (XAPI) を実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-0633	2010-09-14 15:54	2010-02-12	Show	GitHub Exploit DB Packet Storm

259488	4.3	警告	シトリックス・システムズ	-	複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3253	2010-09-14 15:54	2008-07-16	Show	GitHub Exploit DB Packet Storm

259489	7.5	危険	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3760	2010-09-14 15:54	2009-10-22	Show	GitHub Exploit DB Packet Storm

259490	6	警告	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-3759	2010-09-14 15:54	2009-10-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209181	4.8	MEDIUM Network	4homepages	4images	4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. E…	CWE-79 Cross-site Scripting	CVE-2020-35853	2024-11-21 14:28	2021-01-27	Show	GitHub Exploit DB Packet Storm

209182	7.8	HIGH Local	faststone	image_viewer	FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.	CWE-787 Out-of-bounds Write	CVE-2020-35845	2024-11-21 14:28	2021-01-27	Show	GitHub Exploit DB Packet Storm

209183	7.8	HIGH Local	faststone	image_viewer	FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.	CWE-787 Out-of-bounds Write	CVE-2020-35844	2024-11-21 14:28	2021-01-27	Show	GitHub Exploit DB Packet Storm

209184	5.5	MEDIUM Local	faststone	image_viewer	FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e.	CWE-787 Out-of-bounds Write	CVE-2020-35843	2024-11-21 14:28	2021-01-27	Show	GitHub Exploit DB Packet Storm

209185	6.1	MEDIUM Network	persis	human_resource_management_portal	The job posting recommendation form in Persis Human Resource Management Portal (Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20), when the "Recommend job posting" function is enabled, al…	CWE-79 Cross-site Scripting	CVE-2020-35753	2024-11-21 14:28	2021-01-27	Show	GitHub Exploit DB Packet Storm

209186	9.8	CRITICAL Network	kaspersky	tinycheck	In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker fo…	CWE-798 Use of Hard-coded Credentials	CVE-2020-35929	2024-11-21 14:28	2021-01-20	Show	GitHub Exploit DB Packet Storm

209187	7.5	HIGH Network	php fedoraproject debian drupal	archive_tar fedora debian_linux drupal	Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.	CWE-22 CWE-59 Path Traversal Link Following	CVE-2020-36193	2024-11-21 14:28	2021-01-19	Show	GitHub Exploit DB Packet Storm

209188	7.7	HIGH Network	presstigers	simple_board_job	Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files …	CWE-22 Path Traversal	CVE-2020-35749	2024-11-21 14:28	2021-01-16	Show	GitHub Exploit DB Packet Storm

209189	5.4	MEDIUM Network	foliovision	fv_flowplayer_video_player	Cross-site scripting (XSS) vulnerability in models/list-table.php in the FV Flowplayer Video Player plugin before 7.4.37.727 for WordPress allows remote authenticated users to inject arbitrary web sc…	CWE-79 Cross-site Scripting	CVE-2020-35748	2024-11-21 14:28	2021-01-16	Show	GitHub Exploit DB Packet Storm

209190	5.3	MEDIUM Network	mantisbt	source_integration	An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private …	NVD-CWE-noinfo	CVE-2020-36192	2024-11-21 14:28	2021-01-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed