Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227971 7.5 危険 Trivantis Corporation Inc. - Trivantis CourseMill Enterprise Learning Management System の userlogin.jsp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6338 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
227972 5 警告 sergey lyubka - Windows 上で稼動する Sergey Lyubka Simple HTTPD におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6326 2012-12-20 18:34 2007-12-13 Show GitHub Exploit DB Packet Storm
227973 5 警告 xml2owl - xml2owl の filedownload.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6322 2012-12-20 18:34 2007-12-13 Show GitHub Exploit DB Packet Storm
227974 4.3 警告 Roundcube.net - RoundCube webmail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6321 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
227975 6.8 警告 WordPress.org - WordPress の wp-includes/query.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6318 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
227976 5.5 警告 Real Time Logic - BarracudaDrive Web Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6317 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
227977 4.3 警告 Real Time Logic - BarracudaDrive Web Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6316 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
227978 4 警告 Real Time Logic - Group Chat の BarracudaDrive Web Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2007-6315 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
227979 5 警告 Real Time Logic - BarracudaDrive Web Server における Web スクリプトに対するソースコードを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6314 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
227980 4.3 警告 ウェブセンス - Websense Enterprise および Web Security Suite の Web Reporting Tools portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6312 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209921 9.8 CRITICAL
Network 		rukovoditel rukovoditel In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specif… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-11817 2024-11-21 13:58 2020-04-28 Show GitHub Exploit DB Packet Storm
209922 3.7 LOW
Network 		openvpn
debian
fedoraproject 		openvpn
debian_linux
fedora 		An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arri… CWE-362
Race Condition 		CVE-2020-11810 2024-11-21 13:58 2020-04-28 Show GitHub Exploit DB Packet Storm
209923 9.8 CRITICAL
Network 		squid-cache
debian
opensuse
fedoraproject
canonical 		squid
debian_linux
leap
fedora
ubuntu_linux 		An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the att… CWE-190
 Integer Overflow or Wraparound 		CVE-2020-11945 2024-11-21 13:58 2020-04-24 Show GitHub Exploit DB Packet Storm
209924 7.5 HIGH
Network 		ntop ndpi In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment m… CWE-125
Out-of-bounds Read 		CVE-2020-11940 2024-11-21 13:58 2020-04-24 Show GitHub Exploit DB Packet Storm
209925 9.8 CRITICAL
Network 		ntop ndpi In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular natu… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2020-11939 2024-11-21 13:58 2020-04-24 Show GitHub Exploit DB Packet Storm
209926 5.9 MEDIUM
Network 		mailstore mailstore_server In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through 12.1.2, the login process does not validate the validity of the certificate presented by the server. CWE-295
Improper Certificate Validation  		CVE-2020-11806 2024-11-21 13:58 2020-04-24 Show GitHub Exploit DB Packet Storm
209927 6.5 MEDIUM
Network 		gitlab gitlab An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Members of a group could still have access after the group is deleted. CWE-306
Missing Authentication for Critical Function 		CVE-2020-11649 2024-11-21 13:58 2020-04-23 Show GitHub Exploit DB Packet Storm
209928 7.5 HIGH
Network 		gitlab gitlab An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure (Exposure of Sensitive Information) via request smuggling. CWE-444
HTTP Request Smuggling 		CVE-2020-11506 2024-11-21 13:58 2020-04-23 Show GitHub Exploit DB Packet Storm
209929 7.5 HIGH
Network 		gitlab gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and … CWE-444
HTTP Request Smuggling 		CVE-2020-11505 2024-11-21 13:58 2020-04-23 Show GitHub Exploit DB Packet Storm
209930 4.9 MEDIUM
Network 		jetbrains teamcity In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2. NVD-CWE-noinfo
CVE-2020-11938 2024-11-21 13:58 2020-04-22 Show GitHub Exploit DB Packet Storm