Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227321 6.8 警告 ヤフー株式会社 - Yahoo! Toolbar の yt.ythelper.2 ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6228 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227322 7.2 危険 Fabrice Bellard - QEMU における TranslationBlock バッファを上書きされる脆弱性 CWE-119
バッファエラー 		CVE-2007-6227 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227323 5 警告 リアルネットワークス - RealPlayer に同梱されている rmoc3260.dll におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6224 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227324 7.5 危険 phpBB - phpBB Garage の garage.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6223 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227325 7.8 危険 tumusika evolution - TuMusika Evolution における設定ファイルを取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-6221 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227326 5 警告 typespeed - typespeed におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2007-6220 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227327 5 警告 web-meetme - Web-MeetMe の play.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6215 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227328 5 警告 webed - WebED の mod/chat/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6213 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
227329 7.2 危険 sing - Debian GNU/Linux 上で稼動している sing における任意のファイルを追加される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6211 2012-12-20 18:34 2007-12-3 Show GitHub Exploit DB Packet Storm
227330 2.1 注意 Zabbix - ZABBIX の zabbix_agentd における権限を取得される脆弱性 CWE-16
環境設定 		CVE-2007-6210 2012-12-20 18:34 2007-11-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199591 7.2 HIGH
Network 		liferay liferay_portal Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject Groovy script to execute any OS command on the Liferay Portal Sever. NOTE: T… CWE-78
OS Command  		CVE-2020-28884 2024-11-21 14:23 2022-01-28 Show GitHub Exploit DB Packet Storm
199592 5.4 MEDIUM
Network 		checkmk checkmk A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view title. CWE-79
Cross-site Scripting 		CVE-2020-28919 2024-11-21 14:23 2022-01-16 Show GitHub Exploit DB Packet Storm
199593 8.8 HIGH
Network 		zohocorp manageengine_applications_manager A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request. CWE-89
SQL Injection 		CVE-2020-28679 2024-11-21 14:23 2022-01-11 Show GitHub Exploit DB Packet Storm
199594 7.5 HIGH
Network 		sphinxsearch
debian 		sphinx
debian_linux 		SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operation… CWE-22
Path Traversal 		CVE-2020-29050 2024-11-21 14:23 2022-01-10 Show GitHub Exploit DB Packet Storm
199595 6.5 MEDIUM
Network 		iball wrd12en_firmware iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses. CWE-352
 Origin Validation Error 		CVE-2020-29292 2024-11-21 14:23 2021-12-31 Show GitHub Exploit DB Packet Storm
199596 9.1 CRITICAL
Network 		zblogcn z-blogphp Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \app_del.php. NVD-CWE-Other
CVE-2020-29177 2024-11-21 14:23 2021-12-3 Show GitHub Exploit DB Packet Storm
199597 7.8 HIGH
Local 		zblogcn z-blogphp An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers to execute arbitrary code via a crafted JPG file. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-29176 2024-11-21 14:23 2021-12-3 Show GitHub Exploit DB Packet Storm
199598 7.5 HIGH
Network 		pybbs_project pybbs A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. CWE-89
SQL Injection 		CVE-2020-28702 2024-11-21 14:23 2021-11-1 Show GitHub Exploit DB Packet Storm
199599 7.8 HIGH
Local 		aplixio pdf_shapingup Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file. CWE-120
Classic Buffer Overflow 		CVE-2020-28969 2024-11-21 14:23 2021-10-23 Show GitHub Exploit DB Packet Storm
199600 5.4 MEDIUM
Network 		draytek vigorap_1000c_firmware
vigorap_700_firmware
vigorap_710_firmware
vigorap_800_firmware
vigorap_802_firmware
vigorap_810_firmware
vigorap_900_firmware
vigorap_902_firmware
vigor… 		Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary w… CWE-79
Cross-site Scripting 		CVE-2020-28968 2024-11-21 14:23 2021-10-23 Show GitHub Exploit DB Packet Storm