Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227761	7.5	危険	really simple php and ajax	-	RSPA におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1851	2012-12-20 18:19	2007-04-3	Show	GitHub Exploit DB Packet Storm

227762	7.5	危険	XOOPS	-	XOOPS 用の Repository モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1847	2012-12-20 18:19	2007-04-3	Show	GitHub Exploit DB Packet Storm

227763	7.5	危険	XOOPS	-	Xoops 用の MyAds モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1846	2012-12-20 18:19	2007-04-3	Show	GitHub Exploit DB Packet Storm

227764	7.5	危険	XOOPS	-	Xoops 用の Friendfinder モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1838	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

227765	5	警告	web-app.org	-	web-app.org WebAPP における特定のファイルをアップロードされる脆弱性	-	CVE-2007-1832	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

227766	6	警告	web-app.org	-	web-app.org WebAPP におけるファイルを開かれる脆弱性	-	CVE-2007-1831	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

227767	4.3	警告	web-app.org	-	web-app.org WebAPP 用の Username Hijacking Patch における管理アクセス権限を取得される脆弱性	-	CVE-2007-1830	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

227768	7.5	危険	web-app.net	-	web-app.net WebAPP における脆弱性	-	CVE-2007-1829	2012-12-20 18:19	2007-03-17	Show	GitHub Exploit DB Packet Storm

227769	3.5	注意	web-app.org	-	web-app.org WebAPP におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1828	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

227770	6	警告	web-app.org	-	web-app.org WebAPP のフォーム入力検証におけるデータファイルを破損される脆弱性	-	CVE-2007-1827	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199871	5.9	MEDIUM Network	siemens	scalance_x200-4pirt_firmware scalance_x201-3pirt_firmware scalance_x202-2irt_firmware scalance_x202-2pirt_firmware scalance_x202-2pirt_siplus_net_firmware scalance_x204irt_firmware …	A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5…	-	CVE-2020-28391	2024-11-21 14:22	2021-01-13	Show	GitHub Exploit DB Packet Storm

199872	7.8	HIGH Local	siemens	jt2go teamcenter_visualization solid_edge	A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2), Teamcenter Visualization (All ver…	-	CVE-2020-28383	2024-11-21 14:22	2021-01-13	Show	GitHub Exploit DB Packet Storm

199873	5.3	MEDIUM Network	rocket.chat	rocket.chat	An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.	CWE-203 Information Exposure Through Discrepancy	CVE-2020-28208	2024-11-21 14:22	2021-01-9	Show	GitHub Exploit DB Packet Storm

199874	9.8	CRITICAL Network	pwntools_project	pwntools	This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code ex…	CWE-74 Injection	CVE-2020-28468	2024-11-21 14:22	2021-01-8	Show	GitHub Exploit DB Packet Storm

199875	9.8	CRITICAL Network	djv_project	djv	This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.	CWE-94 Code Injection	CVE-2020-28464	2024-11-21 14:22	2021-01-4	Show	GitHub Exploit DB Packet Storm

199876	6.5	MEDIUM Network	mantisbt	mantisbt	In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.	CWE-89 SQL Injection	CVE-2020-28413	2024-11-21 14:22	2020-12-31	Show	GitHub Exploit DB Packet Storm

199877	7.5	HIGH Network	tenda	ac1200_firmware	On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-28095	2024-11-21 14:22	2020-12-31	Show	GitHub Exploit DB Packet Storm

199878	6.1	MEDIUM Network	sapplica	sentrifugo	Sentrifugo 3.2 allows Stored Cross-Site Scripting (XSS) vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the …	CWE-79 Cross-site Scripting	CVE-2020-28365	2024-11-21 14:22	2020-12-31	Show	GitHub Exploit DB Packet Storm

199879	9.8	CRITICAL Network	libnested_project	libnested	Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution.	NVD-CWE-Other	CVE-2020-28283	2024-11-21 14:22	2020-12-30	Show	GitHub Exploit DB Packet Storm

199880	9.8	CRITICAL Network	getobject_project	getobject	Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.	NVD-CWE-Other	CVE-2020-28282	2024-11-21 14:22	2020-12-30	Show	GitHub Exploit DB Packet Storm