Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227911 7.5 危険 speedtech - SpeedTech PHP Library における PHP リモートファイルインクルージョンの脆弱性 CWE-20
CWE-94
CVE-2007-4738 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
227912 7.5 危険 speedtech - STPHPLibrary における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4737 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
227913 10 危険 トレンドマイクロ - Trend Micro ServerProtect の TMReg.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4731 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227914 5 警告 weboddity - Web Oddity におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4726 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
227915 7.5 危険 weblogicnet - Weblogicnet における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4715 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
227916 7.5 危険 yvora - Yvora の error_view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4714 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
227917 4.3 警告 roi revolution - Urchin の urchin.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4713 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
227918 4.3 警告 www.toms-seiten.at - Toms Gaestebuch におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4711 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
227919 7.5 危険 phpBB - phpBB 用の Links MOD における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4653 2012-12-20 18:33 2007-09-4 Show GitHub Exploit DB Packet Storm
227920 6.4 警告 xgb - xGB の xGB.php における不特定の変更を実行される脆弱性 CWE-noinfo
情報不足 		CVE-2007-4637 2012-12-20 18:33 2007-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196571 6.1 MEDIUM
Network 		zenphoto zenphoto Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2020-5592 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
196572 6.7 MEDIUM
Local 		dell latitude_5300_firmware
latitude_5300_2-in-1_firmware
latitude_5400_firmware
latitude_5401_firmware
latitude_5500_firmware
latitude_5501_firmware
latitude_7200_2_in_1_firmware
lat… 		Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Ad… NVD-CWE-Other
CVE-2020-5363 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
196573 8.8 HIGH
Adjacent 		sony wf-1000x_firmware
wf-sp700n_firmware
wh-1000xm2_firmware
wh-1000xm3_firmware
wh-ch700n_firmware
wh-h900n_firmware
wh-xb700_firmware
wh-xb900n_firmware
wi-1000x_firmware
wi-… 		SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerabili… CWE-306
Missing Authentication for Critical Function 		CVE-2020-5589 2024-11-21 14:34 2020-06-9 Show GitHub Exploit DB Packet Storm
196574 7.5 HIGH
Network 		xack xack_dns XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the … CWE-674
 Uncontrolled Recursion 		CVE-2020-5591 2024-11-21 14:34 2020-06-6 Show GitHub Exploit DB Packet Storm
196575 7.5 HIGH
Network 		vmware spring_cloud_config Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-co… CWE-22
Path Traversal 		CVE-2020-5410 2024-11-21 14:34 2020-06-3 Show GitHub Exploit DB Packet Storm
196576 4.6 MEDIUM
Physics 		cybozu kintone Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. CWE-200
Information Exposure 		CVE-2020-5573 2024-11-21 14:34 2020-05-29 Show GitHub Exploit DB Packet Storm
196577 4.6 MEDIUM
Physics 		cybozu mailwise Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. CWE-200
Information Exposure 		CVE-2020-5572 2024-11-21 14:34 2020-05-29 Show GitHub Exploit DB Packet Storm
196578 9.8 CRITICAL
Network 		cybozu desktop Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2020-5537 2024-11-21 14:34 2020-05-25 Show GitHub Exploit DB Packet Storm
196579 7.8 HIGH
Local 		druva insync_client Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. CWE-22
Path Traversal 		CVE-2020-5752 2024-11-21 14:34 2020-05-22 Show GitHub Exploit DB Packet Storm
196580 7.5 HIGH
Network 		dell emc_isilon_onefs Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account… CWE-330
 Use of Insufficiently Random Values 		CVE-2020-5365 2024-11-21 14:34 2020-05-21 Show GitHub Exploit DB Packet Storm