Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227611 4.3 警告 phpslideshow - PHPSlideShow の phpslideshow.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6135 2012-12-20 18:33 2007-11-27 Show GitHub Exploit DB Packet Storm
227612 7.5 危険 PHPKIT - PHPKIT の pkinc/public/article.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6134 2012-12-20 18:33 2007-11-27 Show GitHub Exploit DB Packet Storm
227613 2.1 注意 レッドハット - scanbuttond の buttonpressed.sh における任意のファイルを上書きされる脆弱性 CWE-16
環境設定 		CVE-2007-6131 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
227614 7.5 危険 project alumni - project alumni における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6127 2012-12-20 18:33 2007-11-26 Show GitHub Exploit DB Packet Storm
227615 4.3 警告 project alumni - project alumni におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6126 2012-12-20 18:33 2007-11-26 Show GitHub Exploit DB Packet Storm
227616 7.5 危険 softbiz - Softbiz Freelancers Script の search_form.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6125 2012-12-20 18:33 2007-11-26 Show GitHub Exploit DB Packet Storm
227617 4.3 警告 softbiz - Softbiz Freelancers Script の signin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6124 2012-12-20 18:33 2007-11-26 Show GitHub Exploit DB Packet Storm
227618 6.8 警告 talkback - TalkBack における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6105 2012-12-20 18:33 2007-11-23 Show GitHub Exploit DB Packet Storm
227619 2.6 注意 The phpMyAdmin Project - phpMyAdmin の libraries/auth/cookie.auth.lib.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6100 2012-12-20 18:33 2007-11-20 Show GitHub Exploit DB Packet Storm
227620 9.3 危険 phpbbviet - phpBBViet の includes/functions_mod_user.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6088 2012-12-20 18:33 2007-11-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200601 9.6 CRITICAL
Network 		mydbr mydbr myDBR 5.8.3/4262 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary code (remote). The component is: CSRF Token. The attack vector is: CSRF token injection to XSS. CWE-79
Cross-site Scripting 		CVE-2020-28149 2024-11-21 14:22 2021-03-16 Show GitHub Exploit DB Packet Storm
200602 5.5 MEDIUM
Local 		siemens solid_edge A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). When opening a specially crafted SEECTCXML file, the application co… - CVE-2020-28387 2024-11-21 14:22 2021-03-16 Show GitHub Exploit DB Packet Storm
200603 7.8 HIGH
Local 		siemens solid_edge A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data … CWE-787
 Out-of-bounds Write 		CVE-2020-28385 2024-11-21 14:22 2021-03-16 Show GitHub Exploit DB Packet Storm
200604 6.1 MEDIUM
Network 		inetsoftware i-net_clear_reports I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect. CWE-601
Open Redirect 		CVE-2020-28150 2024-11-21 14:22 2021-03-10 Show GitHub Exploit DB Packet Storm
200605 7.5 HIGH
Network 		nats nats_server This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer fro… NVD-CWE-noinfo
CVE-2020-28466 2024-11-21 14:22 2021-03-7 Show GitHub Exploit DB Packet Storm
200606 8.1 HIGH
Network 		xmlhttprequest_project xmlhttprequest This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into… CWE-94
Code Injection 		CVE-2020-28502 2024-11-21 14:22 2021-03-6 Show GitHub Exploit DB Packet Storm
200607 9.1 CRITICAL
Network 		zohocorp manageengine_desktop_central Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret from multiple agents to communicate with the server. CWE-287
Improper Authentication 		CVE-2020-28050 2024-11-21 14:22 2021-03-6 Show GitHub Exploit DB Packet Storm
200608 9.8 CRITICAL
Network 		cgal
fedoraproject
debian 		computational_geometry_algorithms_library
fedora
debian_linux 		A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of… - CVE-2020-28601 2024-11-21 14:22 2021-03-5 Show GitHub Exploit DB Packet Storm
200609 7.5 HIGH
Network 		epignosishq efront A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. A… CWE-335
 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) 		CVE-2020-28597 2024-11-21 14:22 2021-03-4 Show GitHub Exploit DB Packet Storm
200610 6.5 MEDIUM
Network 		slic3r
fedoraproject 		libslic3r
fedora 		An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to … CWE-125
Out-of-bounds Read 		CVE-2020-28591 2024-11-21 14:22 2021-03-4 Show GitHub Exploit DB Packet Storm