Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227471 4.3 警告 phpcredo - PHCDownload の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6669 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
227472 7.5 危険 Zenphoto - Zenphoto の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6666 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
227473 7.5 危険 webportal - WebPortal CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6664 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
227474 7.5 危険 pragmaticutopia - Joomla! 用の Pragmatic Utopia PU Arcade コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6663 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
227475 7.5 危険 xcms - XCMS の cpie.php における静的コードを直接挿入する攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6652 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
227476 5 警告 sanybee gallery - SanyBee Gallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6648 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
227477 7.5 危険 W-Agora - w-Agora の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6647 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
227478 6.8 警告 xml2owl - xml2owl の showCode.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6632 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
227479 6.8 警告 pnphpbb - PNphpBB2 の printview.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6624 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
227480 5 警告 zeuscms - ZeusCMS における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6623 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196881 5.4 MEDIUM
Network 		ibm curam_social_program_management An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input. By sending a specially-crafted input, a remote attacker… CWE-91
Blind XPath Injection 		CVE-2020-4774 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196882 6.5 MEDIUM
Network 		ibm curam_social_program_management A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which is an attack that forces a user to execute unwanted actions on the web applica… CWE-352
 Origin Validation Error 		CVE-2020-4773 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196883 8.1 HIGH
Network 		ibm curam_social_program_management An XML External Entity Injection (XXE) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. A remote attacker could exploit this vulnerability to expose sensitive informatio… CWE-611
XXE 		CVE-2020-4772 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196884 5.3 MEDIUM
Adjacent 		ibm security_access_manager
security_verify_access 		IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the sy… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-4699 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196885 5.3 MEDIUM
Adjacent 		ibm security_access_manager
security_verify_access 		IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the sy… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-4661 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196886 5.3 MEDIUM
Adjacent 		ibm security_access_manager
security_verify_access 		IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the sy… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-4660 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196887 5.3 MEDIUM
Network 		sonicwall sonicos
sonicosv 		SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-5143 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196888 6.1 MEDIUM
Network 		sonicwall sonicos
sonicosv 		A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in t… CWE-79
Cross-site Scripting 		CVE-2020-5142 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196889 6.5 MEDIUM
Network 		sonicwall sonicos
sonicosv 		A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, … CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2020-5141 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm
196890 7.5 HIGH
Network 		sonicwall sonicos
sonicosv 		A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses … CWE-125
Out-of-bounds Read 		CVE-2020-5140 2024-11-21 14:33 2020-10-12 Show GitHub Exploit DB Packet Storm