Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227881 7.5 危険 WordPress.org - Wordpress および MU における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4894 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
227882 4.3 警告 WordPress.org - Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-4893 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
227883 7.5 危険 swsoft - Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4892 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
227884 3.5 注意 XWiki - XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性 CWE-DesignError
CVE-2007-4888 2012-12-20 18:33 2007-01-11 Show GitHub Exploit DB Packet Storm
227885 4.3 警告 techexcel inc. - TechExcel CustomerWise におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4882 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
227886 7.5 危険 psi-labs - psisns の profile/myprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4881 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
227887 5 警告 Simplenews Project - SimpNews における任意の .inc ファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4873 2012-12-20 18:33 2007-09-27 Show GitHub Exploit DB Packet Storm
227888 5 警告 Simplenews Project - SimpleNews における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2007-4872 2012-12-20 18:33 2007-09-27 Show GitHub Exploit DB Packet Storm
227889 6.8 警告 Quirm - SAXON の example.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4863 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
227890 4.3 警告 Quirm - SAXON の admin/menu.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4862 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196701 8.2 HIGH
Network 		sonicwall directory_services_connector SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privilege… CWE-287
Improper Authentication 		CVE-2020-5148 2024-11-21 14:33 2021-03-5 Show GitHub Exploit DB Packet Storm
196702 5.4 MEDIUM
Network 		ibm rational_quality_manager
rational_team_concert
rational_doors_next_generation
doors_next
engineering_workflow_management
engineering_test_management
engineering_lifecycle_management… 		IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially … CWE-79
Cross-site Scripting 		CVE-2020-4975 2024-11-21 14:33 2021-03-5 Show GitHub Exploit DB Packet Storm
196703 5.4 MEDIUM
Network 		ibm rational_quality_manager
rational_team_concert
rational_doors_next_generation
doors_next
engineering_workflow_management
engineering_test_management
engineering_lifecycle_management… 		IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially … CWE-79
Cross-site Scripting 		CVE-2020-4866 2024-11-21 14:33 2021-03-5 Show GitHub Exploit DB Packet Storm
196704 5.4 MEDIUM
Network 		ibm rational_quality_manager
rational_team_concert
rational_doors_next_generation
doors_next
engineering_workflow_management
engineering_test_management
engineering_lifecycle_management… 		IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… CWE-79
Cross-site Scripting 		CVE-2020-4863 2024-11-21 14:33 2021-03-5 Show GitHub Exploit DB Packet Storm
196705 5.4 MEDIUM
Network 		ibm rational_quality_manager
rational_team_concert
rational_doors_next_generation
doors_next
engineering_workflow_management
engineering_test_management
engineering_lifecycle_management… 		IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… CWE-79
Cross-site Scripting 		CVE-2020-4857 2024-11-21 14:33 2021-03-5 Show GitHub Exploit DB Packet Storm
196706 5.4 MEDIUM
Network 		ibm rational_quality_manager
rational_team_concert
rational_doors_next_generation
doors_next
engineering_workflow_management
engineering_test_management
engineering_lifecycle_management… 		IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… CWE-79
Cross-site Scripting 		CVE-2020-4856 2024-11-21 14:33 2021-03-5 Show GitHub Exploit DB Packet Storm
196707 3.3 LOW
Local 		ibm cloud_application_performance_management The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975. CWE-922
 Insecure Storage of Sensitive Information 		CVE-2020-4726 2024-11-21 14:33 2021-03-3 Show GitHub Exploit DB Packet Storm
196708 3.5 LOW
Network 		ibm cloud_application_performance_management IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force… NVD-CWE-Other
CVE-2020-4725 2024-11-21 14:33 2021-03-3 Show GitHub Exploit DB Packet Storm
196709 4.9 MEDIUM
Network 		ibm cloud_application_performance_management The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user w… CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2020-4719 2024-11-21 14:33 2021-03-3 Show GitHub Exploit DB Packet Storm
196710 6.5 MEDIUM
Network 		ibm mq IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747. NVD-CWE-noinfo
CVE-2020-4931 2024-11-21 14:33 2021-02-25 Show GitHub Exploit DB Packet Storm