Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227541	7.8	危険	precisionid barcode	-	PrecisionID_DataMatrix.DLL の PrecisionID Barcode ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2657	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

227542	4.4	警告	SUSE xfsdump	-	xfsdump の xfs_fsr における xfs ファイルシステム上で任意のファイルを上書きされる脆弱性	CWE-362 CWE-Other	CVE-2007-2654	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

227543	7.5	危険	voodoo circle	-	VooDoo cIRCle におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2651	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

227544	7.8	危険	t-com	-	T-com Speedport W 700v における遅延を回避される脆弱性	-	CVE-2007-2649	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

227545	6.8	警告	yenc32	-	yEnc32 におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-2646	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

227546	5	警告	pinkcrow designs	-	PinkCrow Designs Gallery または maGAZIn の phpThumb.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2643	2012-12-20 18:19	2007-05-13	Show	GitHub Exploit DB Packet Storm

227547	7.8	危険	r2k	-	R2K Gallery の galeria.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2642	2012-12-20 18:19	2007-05-13	Show	GitHub Exploit DB Packet Storm

227548	7.5	危険	w1l3d4	-	W1L3D4 Philboard の W1L3D4_bolum.asp における SQL インジェクションの脆弱性	-	CVE-2007-2641	2012-12-20 18:19	2007-05-13	Show	GitHub Exploit DB Packet Storm

227549	10	危険	prosysinfo	-	TFTPdWin におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2639	2012-12-20 18:19	2007-05-13	Show	GitHub Exploit DB Packet Storm

227550	10	危険	positive software	-	H-Sphere SiteStudio におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2633	2012-12-20 18:19	2007-05-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199561	6.1	MEDIUM Network	online_examination_system_project	online_examination_system	Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php.	CWE-79 Cross-site Scripting	CVE-2020-29257	2024-11-21 14:23	2020-12-10	Show	GitHub Exploit DB Packet Storm

199562	7.5	HIGH Network	plummac	ik-401_firmware	An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credenti…	CWE-306 Missing Authentication for Critical Function	CVE-2020-28946	2024-11-21 14:23	2020-12-9	Show	GitHub Exploit DB Packet Storm

199563	5.5	MEDIUM Local	nlnetlabs debian	unbound name_server_daemon debian_linux	NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing …	CWE-59 Link Following	CVE-2020-28935	2024-11-21 14:23	2020-12-8	Show	GitHub Exploit DB Packet Storm

199564	6.1	MEDIUM Network	seeddms	seeddms	Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.	CWE-79 Cross-site Scripting	CVE-2020-28727	2024-11-21 14:23	2020-12-7	Show	GitHub Exploit DB Packet Storm

199565	7.8	HIGH Local	kaspersky	anti-ransomware_tool	The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.	CWE-427 Uncontrolled Search Path Element	CVE-2020-28950	2024-11-21 14:23	2020-12-5	Show	GitHub Exploit DB Packet Storm

199566	5.5	MEDIUM Local	qemu debian	qemu debian_linux	hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-28916	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

199567	2.7	LOW Network	lightbend	play_framework	An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior …	NVD-CWE-Other	CVE-2020-28923	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

199568	7.2	HIGH Network	openclinic_project	openclinic	OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-28939	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

199569	5.4	MEDIUM Network	openclinic_project	openclinic	OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users.	CWE-79 Cross-site Scripting	CVE-2020-28938	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm

199570	7.5	HIGH Network	openclinic_project	openclinic	OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Prot…	CWE-306 CWE-425 Missing Authentication for Critical Function Direct Request ('Forced Browsing')	CVE-2020-28937	2024-11-21 14:23	2020-12-4	Show	GitHub Exploit DB Packet Storm