Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259641	9.3	危険	Artifex Software サイバートラスト株式会社サン・マイクロシステムズレッドハット	-	ICC Format ライブラリにおける整数オーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0583	2010-02-17 11:43	2009-03-23	Show	GitHub Exploit DB Packet Storm

259642	6	警告	Artifex Software サイバートラスト株式会社レッドハット	-	Ghostscript の zseticcspace() 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0411	2010-02-17 11:43	2008-02-27	Show	GitHub Exploit DB Packet Storm

259643	2.1	注意	サイバートラスト株式会社レッドハット	-	lm_sensors の pwmconfig (スクリプト)における不適切な一時ファイル作成によるシンボリックリンク攻撃を受ける脆弱性	-	CVE-2005-2672	2010-02-17 11:43	2005-08-22	Show	GitHub Exploit DB Packet Storm

259644	9.3	危険	アップル	-	Apple Mac OS X の Image RAW における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0037	2010-02-16 11:45	2010-01-19	Show	GitHub Exploit DB Packet Storm

259645	9.3	危険	アップル	-	Apple Mac OS X の CoreAudio における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0036	2010-02-16 11:45	2010-01-19	Show	GitHub Exploit DB Packet Storm

259646	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2009-4003	2010-02-16 11:44	2010-01-19	Show	GitHub Exploit DB Packet Storm

259647	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4002	2010-02-16 11:44	2010-01-19	Show	GitHub Exploit DB Packet Storm

259648	6.9	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel における競合状態の脆弱性	CWE-362 競合状態	CVE-2009-3547	2010-02-16 11:44	2009-11-3	Show	GitHub Exploit DB Packet Storm

259649	4.9	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の netlink サブシステムにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2005-4881	2010-02-16 11:43	2009-10-19	Show	GitHub Exploit DB Packet Storm

259650	4.7	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の execve 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-2848	2010-02-16 11:43	2009-08-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209231	9.8	CRITICAL Network	ultimatemember	ultimate_member	An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that cou…	NVD-CWE-noinfo	CVE-2020-36157	2024-11-21 14:28	2021-01-5	Show	GitHub Exploit DB Packet Storm

209232	8.8	HIGH Network	ultimatemember	ultimate_member	An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Authenticated Privilege Escalation via Profile Update. Any user with wp-admin access to the profile.php page cou…	CWE-269 Improper Privilege Management	CVE-2020-36156	2024-11-21 14:28	2021-01-5	Show	GitHub Exploit DB Packet Storm

209233	9.8	CRITICAL Network	ultimatemember	ultimate_member	An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive me…	CWE-269 Improper Privilege Management	CVE-2020-36155	2024-11-21 14:28	2021-01-5	Show	GitHub Exploit DB Packet Storm

209234	7.8	HIGH Local	pearson	vue_testing_system	The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-36154	2024-11-21 14:28	2021-01-5	Show	GitHub Exploit DB Packet Storm

209235	9.8	CRITICAL Network	cse_bookstore_project	cse_bookstore	CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of th…	CWE-89 SQL Injection	CVE-2020-36112	2024-11-21 14:28	2021-01-5	Show	GitHub Exploit DB Packet Storm

209236	7.5	HIGH Network	ffmpeg debian	ffmpeg debian_linux	decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.	CWE-787 Out-of-bounds Write	CVE-2020-35965	2024-11-21 14:28	2021-01-4	Show	GitHub Exploit DB Packet Storm

209237	6.5	MEDIUM Network	ffmpeg	ffmpeg	track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.	CWE-787 Out-of-bounds Write	CVE-2020-35964	2024-11-21 14:28	2021-01-4	Show	GitHub Exploit DB Packet Storm

209238	7.8	HIGH Local	treasuredata	fluent_bit	flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion.	CWE-787 Out-of-bounds Write	CVE-2020-35963	2024-11-21 14:28	2021-01-4	Show	GitHub Exploit DB Packet Storm

209239	7.5	HIGH Network	loopring	loopring	The sellTokenForLRC function in the vault protocol in the smart contract implementation for Loopring (LRC), an Ethereum token, lacks access control for fee swapping and thus allows price manipulation.	NVD-CWE-noinfo	CVE-2020-35962	2024-11-21 14:28	2021-01-3	Show	GitHub Exploit DB Packet Storm

209240	6.5	MEDIUM Network	php-fusion	php-fusion	login.php in PHPFusion (aka PHP-Fusion) Andromeda 9.x before 2020-12-30 generates error messages that distinguish between incorrect username and incorrect password (i.e., not a single "Incorrect user…	NVD-CWE-noinfo	CVE-2020-35952	2024-11-21 14:28	2021-01-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed