Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227971	4.3	警告	シーメンス	-	Siemens Gigaset SE361 WLAN ルータにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4488	2012-12-20 18:33	2007-08-22	Show	GitHub Exploit DB Packet Storm

227972	4.3	警告	WordPress.org	-	WordPress の WordPress Classic テーマの index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4483	2012-12-20 18:33	2007-08-22	Show	GitHub Exploit DB Packet Storm

227973	4.3	警告	WordPress.org	-	WordPress 用の Pool テーマの index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4482	2012-12-20 18:33	2007-08-22	Show	GitHub Exploit DB Packet Storm

227974	4.3	警告	WordPress.org	-	WordPress 用の Blix テーマなどの index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4481	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

227975	4.3	警告	WordPress.org	-	WordPress 用の Sirius テーマの index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4480	2012-12-20 18:33	2007-08-22	Show	GitHub Exploit DB Packet Storm

227976	5	警告	planet technology corp	-	Planet VC-200M VDSL2 ルータの管理インターフェースにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4477	2012-12-20 18:33	2007-08-22	Show	GitHub Exploit DB Packet Storm

227977	3.3	注意	po4a	-	po4a の lib/Locale/Po4a/Po.pm における任意のファイルを上書きされる脆弱性	-	CVE-2007-4462	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

227978	5	警告	toribash	-	Toribash のサーバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4452	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

227979	5	警告	toribash	-	Windows 上で稼動している Toribash のサーバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4451	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

227980	5	警告	toribash	-	Toribash のサーバにおけるプロトコル違反を誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2007-4450	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196591	6.8	MEDIUM Network	gilacms	gila_cms	Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.	CWE-22 Path Traversal	CVE-2020-5512	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

196592	7.2	HIGH Network	gilacms	gila_cms	Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection.	CWE-89 SQL Injection	CVE-2020-5515	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

196593	9.1	CRITICAL Network	gilacms	gila_cms	Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-5514	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

196594	7.5	HIGH Network	hashbrowncms	hashbrown_cms	An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field.	CWE-22 Path Traversal	CVE-2020-5840	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

196595	9.8	CRITICAL Network	litespeedtech	openlitespeed	The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.	CWE-20 Improper Input Validation	CVE-2020-5519	2024-11-21 14:34	2020-01-6	Show	GitHub Exploit DB Packet Storm

196596	9.8	CRITICAL Network	apache	rust_sgx_sdk	Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same.	NVD-CWE-noinfo	CVE-2020-5499	2024-11-21 14:34	2020-01-4	Show	GitHub Exploit DB Packet Storm

196597	6.1	MEDIUM Network	mitreid	connect	The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be ex…	CWE-79 Cross-site Scripting	CVE-2020-5497	2024-11-21 14:34	2020-01-4	Show	GitHub Exploit DB Packet Storm

196598	8.8	HIGH Network	fontforge opensuse	fontforge leap	FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c.	CWE-787 Out-of-bounds Write	CVE-2020-5496	2024-11-21 14:34	2020-01-4	Show	GitHub Exploit DB Packet Storm

196599	8.8	HIGH Network	fontforge fedoraproject opensuse	fontforge fedora leap	FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.	CWE-416 Use After Free	CVE-2020-5395	2024-11-21 14:34	2020-01-4	Show	GitHub Exploit DB Packet Storm

196600	5.3	MEDIUM Network	ibm	safer_payments	IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker un…	NVD-CWE-noinfo	CVE-2020-4729	2024-11-21 14:33	2023-04-28	Show	GitHub Exploit DB Packet Storm