Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227551 6.8 警告 phpwcms-xt - phpWCMS XT における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5185 2012-12-20 18:33 2007-10-3 Show GitHub Exploit DB Packet Storm
227552 7.5 危険 smbftpd - SmbFTPD の dirlist.c におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2007-5184 2012-12-20 18:33 2007-09-30 Show GitHub Exploit DB Packet Storm
227553 4.3 警告 y&k iletisim formu - Y&K Iletisim Formu の iletisim.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5179 2012-12-20 18:33 2007-10-3 Show GitHub Exploit DB Packet Storm
227554 5 警告 quicksilver forums - Quicksilver Forums における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-5172 2012-12-20 18:33 2007-10-1 Show GitHub Exploit DB Packet Storm
227555 5 警告 quicksilver forums - Quicksilver Forums における任意の PMs を削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5171 2012-12-20 18:33 2007-10-1 Show GitHub Exploit DB Packet Storm
227556 5 警告 サン・マイクロシステムズ - Sun Fire X2100 M2 および ELOM の SP における任意のネットワークトラフィックを送信される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5170 2012-12-20 18:33 2007-09-28 Show GitHub Exploit DB Packet Storm
227557 6.8 警告 phplister - phpLister の .systeme/fonctions.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5167 2012-12-20 18:33 2007-10-1 Show GitHub Exploit DB Packet Storm
227558 5 警告 wzdftpd - wzdftpd の libwzd-core/wzd_login.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
CWE-189
CVE-2007-5300 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227559 5 警告 skadate - SkaDate におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5299 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227560 4.3 警告 wikepage - Wikepage Opus および TipiWiki の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-94
CVE-2007-5295 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199851 5.3 MEDIUM
Network 		neomutt
mutt
debian 		neomutt
mutt
debian_linux 		Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and t… CWE-287
CWE-755
Improper Authentication
 Improper Handling of Exceptional Conditions 		CVE-2020-28896 2024-11-21 14:23 2020-11-24 Show GitHub Exploit DB Packet Storm
199852 9.8 CRITICAL
Network 		winscp winscp Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. CWE-120
Classic Buffer Overflow 		CVE-2020-28864 2024-11-21 14:23 2020-11-24 Show GitHub Exploit DB Packet Storm
199853 7.5 HIGH
Network 		scikit-learn scikit-learn svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced… NVD-CWE-noinfo
CVE-2020-28975 2024-11-21 14:23 2020-11-22 Show GitHub Exploit DB Packet Storm
199854 7.8 HIGH
Local 		netskope netskope A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-28845 2024-11-21 14:23 2020-11-21 Show GitHub Exploit DB Packet Storm
199855 5.0 MEDIUM
Physics 		linux
debian 		linux_kernel
debian_linux 		A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs … CWE-125
Out-of-bounds Read 		CVE-2020-28974 2024-11-21 14:23 2020-11-21 Show GitHub Exploit DB Packet Storm
199856 9.8 CRITICAL
Network 		tp-link wdr7400_firmware
wdr7500_firmware
wdr7660_firmware
wdr7800_firmware
wdr8400_firmware
wdr8500_firmware
wdr8600_firmware
wdr8620_firmware
wdr8640_firmware
wdr8660_firmware 		Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620… CWE-120
Classic Buffer Overflow 		CVE-2020-28877 2024-11-21 14:23 2020-11-21 Show GitHub Exploit DB Packet Storm
199857 5.3 MEDIUM
Network 		bigbluebutton bigbluebutton web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. CWE-116
 Improper Encoding or Escaping of Output 		CVE-2020-28954 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm
199858 4.3 MEDIUM
Network 		bigbluebutton bigbluebutton In BigBlueButton before 2.2.29, a user can vote more than once in a single poll. NVD-CWE-noinfo
CVE-2020-28953 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm
199859 7.5 HIGH
Network 		rclone
fedoraproject 		rclone
fedora 		An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The… CWE-331
CWE-338
 Insufficient Entropy
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2020-28924 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm
199860 9.8 CRITICAL
Network 		openwrt openwrt libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c. CWE-416
 Use After Free 		CVE-2020-28951 2024-11-21 14:23 2020-11-20 Show GitHub Exploit DB Packet Storm