Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227411	7.8	危険	portalapp	-	PortalApp におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-3252	2012-12-20 18:19	2007-06-18	Show	GitHub Exploit DB Packet Storm

227412	6.8	警告	VirtueMart	-	VirtueMart における SQL インジェクションの脆弱性	-	CVE-2007-3247	2012-12-20 18:19	2007-06-18	Show	GitHub Exploit DB Packet Storm

227413	7.5	危険	web-app.org web-app.net	-	web-app.net WebAPP などの Menu Manager Mod における任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-3242	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227414	4.3	警告	WordPress.org	-	WordPress 用の cordobo-green-park テーマの blogroll.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3241	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227415	4.3	警告	WordPress.org	-	WordPress 用の Vistered-Little テーマの 404.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3240	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227416	4.3	警告	WordPress.org	-	WordPress 用の AndyBlue テーマの searchform.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3239	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227417	6	警告	WordPress.org	-	WordPress のデフォルトテーマの functions.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3238	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227418	6.8	警告	XOOPS	-	XOOPS 用の TinyContent モジュールにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3237	2012-12-20 18:19	2007-06-12	Show	GitHub Exploit DB Packet Storm

227419	7.5	危険	XOOPS	-	XOOPS 用の Horoscope モジュールにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3236	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227420	5	警告	tec-it	-	TEC-IT TBarCode OCX ActiveX コントロールにおける任意のファイルを上書きされる脆弱性	-	CVE-2007-3233	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197821	5.4	MEDIUM Network	lavalite	lavalite	A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload en…	CWE-79 Cross-site Scripting	CVE-2020-36396	2024-11-21 14:29	2021-07-3	Show	GitHub Exploit DB Packet Storm

197822	5.4	MEDIUM Network	lavalite	lavalite	A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload ent…	CWE-79 Cross-site Scripting	CVE-2020-36395	2024-11-21 14:29	2021-07-3	Show	GitHub Exploit DB Packet Storm

197823	8.8	HIGH Network	aomedia	libavif	libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid.	CWE-787 Out-of-bounds Write	CVE-2020-36407	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197824	8.8	HIGH Network	uwebsockets_project	uwebsockets	uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue …	CWE-787 Out-of-bounds Write	CVE-2020-36406	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197825	7.8	HIGH Local	keystone-engine	keystone_engine	Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken.	CWE-416 Use After Free	CVE-2020-36405	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197826	7.8	HIGH Local	keystone-engine	keystone	Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl.	CWE-763 Release of Invalid Pointer or Reference	CVE-2020-36404	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197827	8.8	HIGH Network	htslib	htslib	HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read).	CWE-787 Out-of-bounds Write	CVE-2020-36403	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197828	7.8	HIGH Local	soliditylang	solidity	Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a co…	CWE-787 Out-of-bounds Write	CVE-2020-36402	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197829	7.8	HIGH Local	mruby	mruby	mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).	CWE-415 Double Free	CVE-2020-36401	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197830	9.8	CRITICAL Network	zeromq	libzmq	ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.	CWE-787 Out-of-bounds Write	CVE-2020-36400	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm