Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227491 7.5 危険 TIBCO Software - TIBCO SmartPGM FX におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2007-5545 2012-12-20 18:33 2007-10-18 Show GitHub Exploit DB Packet Storm
227492 10 危険 runcms - RunCms の newbb_plus における脆弱性 CWE-noinfo
情報不足 		CVE-2007-5535 2012-12-20 18:33 2007-10-17 Show GitHub Exploit DB Packet Storm
227493 4.6 警告 sitebar - SiteBar の translator.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5492 2012-12-20 18:33 2007-10-17 Show GitHub Exploit DB Packet Storm
227494 9 危険 sitebar - SiteBar の translator.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5491 2012-12-20 18:33 2007-10-17 Show GitHub Exploit DB Packet Storm
227495 5 警告 wwwisis - WWWISIS の wxis.exe におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5484 2012-12-20 18:33 2007-10-16 Show GitHub Exploit DB Packet Storm
227496 6.4 警告 サン・マイクロシステムズ - Sun StorEdge/StorageTek 3510 FC Array の FTP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-5482 2012-12-20 18:33 2007-10-15 Show GitHub Exploit DB Packet Storm
227497 4.3 警告 xcomputer - Xcomputer の Search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5479 2012-12-20 18:33 2007-10-16 Show GitHub Exploit DB Packet Storm
227498 4.3 警告 valve software - WebMod Half-Life Dedicated Server プラグインの auth.w におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5477 2012-12-20 18:33 2007-10-16 Show GitHub Exploit DB Packet Storm
227499 7.8 危険 SUSE - SUSE Linux Enterprise Server の ISC BIND named デーモンで使用される libgssapi におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-5471 2012-12-20 18:33 2007-10-15 Show GitHub Exploit DB Packet Storm
227500 5 警告 viart - ViArt Shop の iDEAL payment モジュール における証明書および鍵ファイルのパス名を取得される脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5463 2012-12-20 18:33 2007-10-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199851 5.3 MEDIUM
Network 		neomutt
mutt
debian 		neomutt
mutt
debian_linux 		Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and t… CWE-287
CWE-755
Improper Authentication
 Improper Handling of Exceptional Conditions 		CVE-2020-28896 2024-11-21 14:23 2020-11-24 Show GitHub Exploit DB Packet Storm
199852 9.8 CRITICAL
Network 		winscp winscp Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. CWE-120
Classic Buffer Overflow 		CVE-2020-28864 2024-11-21 14:23 2020-11-24 Show GitHub Exploit DB Packet Storm
199853 7.5 HIGH
Network 		scikit-learn scikit-learn svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced… NVD-CWE-noinfo
CVE-2020-28975 2024-11-21 14:23 2020-11-22 Show GitHub Exploit DB Packet Storm
199854 7.8 HIGH
Local 		netskope netskope A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-28845 2024-11-21 14:23 2020-11-21 Show GitHub Exploit DB Packet Storm
199855 5.0 MEDIUM
Physics 		linux
debian 		linux_kernel
debian_linux 		A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs … CWE-125
Out-of-bounds Read 		CVE-2020-28974 2024-11-21 14:23 2020-11-21 Show GitHub Exploit DB Packet Storm
199856 9.8 CRITICAL
Network 		tp-link wdr7400_firmware
wdr7500_firmware
wdr7660_firmware
wdr7800_firmware
wdr8400_firmware
wdr8500_firmware
wdr8600_firmware
wdr8620_firmware
wdr8640_firmware
wdr8660_firmware 		Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620… CWE-120
Classic Buffer Overflow 		CVE-2020-28877 2024-11-21 14:23 2020-11-21 Show GitHub Exploit DB Packet Storm
199857 5.3 MEDIUM
Network 		bigbluebutton bigbluebutton web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. CWE-116
 Improper Encoding or Escaping of Output 		CVE-2020-28954 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm
199858 4.3 MEDIUM
Network 		bigbluebutton bigbluebutton In BigBlueButton before 2.2.29, a user can vote more than once in a single poll. NVD-CWE-noinfo
CVE-2020-28953 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm
199859 7.5 HIGH
Network 		rclone
fedoraproject 		rclone
fedora 		An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The… CWE-331
CWE-338
 Insufficient Entropy
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2020-28924 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm
199860 9.8 CRITICAL
Network 		openwrt openwrt libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c. CWE-416
 Use After Free 		CVE-2020-28951 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm