Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228001	6.8	警告	stephane pineau	-	Stephane Pineau VOTE の depouilg.php3 における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-4384	2012-12-20 18:33	2007-08-17	Show	GitHub Exploit DB Packet Storm

228002	7.2	危険	シマンテック	-	Symantec Altiris Deployment Solution の Aclient におけるローカルのシステム権限を取得される脆弱性	-	CVE-2007-4380	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228003	4.3	警告	rndlabs	-	Babo Violent におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4379	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

228004	6.8	警告	rndlabs	-	Babo Violent におけるフォーマットストリングの脆弱性	-	CVE-2007-4378	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

228005	6.8	警告	szymon kosok	-	Szymon Kosok Best Top List の banner-upload.php における banners/ 配下の任意の PHP ファイルを実行される脆弱性	-	CVE-2007-4376	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

228006	4	警告	rndlabs	-	Babo Violent におけるメッセージを偽造される脆弱性	-	CVE-2007-4374	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

228007	6.8	警告	rndlabs	-	Babo Violent のサーバにおける認証を回避される脆弱性	-	CVE-2007-4373	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

228008	7.5	危険	racer	-	Racer の client などにおけるバッファオーバーフローの脆弱性	-	CVE-2007-4370	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

228009	5	警告	sote	-	SOTEeSKLEP の go/_files におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-4369	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

228010	5	警告	wengo	-	WengoPhone におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4366	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200211	5.3	MEDIUM Network	p11-kit_project	p11-kit	An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When…	CWE-125 Out-of-bounds Read	CVE-2020-29362	2024-11-21 14:23	2020-12-16	Show	GitHub Exploit DB Packet Storm

200212	7.5	HIGH Network	p11-kit_project debian	p11-kit debian_linux	An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow…	CWE-190 Integer Overflow or Wraparound	CVE-2020-29361	2024-11-21 14:23	2020-12-16	Show	GitHub Exploit DB Packet Storm

200213	6.1	MEDIUM Network	directoriespro	directories_pro	A cross-site scripting (XSS) vulnerability exists in the SabaiApps WordPress Directories Pro plugin version 1.3.45 and previous, allows attackers who have convinced a site administrator to import a s…	CWE-79 Cross-site Scripting	CVE-2020-29304	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200214	6.1	MEDIUM Network	directoriespro	directories_pro	A cross-site scripting (XSS) vulnerability in the SabaiApp Directories Pro plugin 1.3.45 for WordPress allows remote attackers to inject arbitrary web script or HTML via a POST to /wp-admin/admin.php…	CWE-79 Cross-site Scripting	CVE-2020-29303	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200215	5.3	MEDIUM Network	openasset	digital_asset_management	OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sens…	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2020-28861	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200216	8.8	HIGH Network	openasset	digital_asset_management	OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection.	CWE-89 SQL Injection	CVE-2020-28860	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200217	6.1	MEDIUM Network	openasset	digital_asset_management	OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for reflected cross-site scripting attacks.	CWE-79 Cross-site Scripting	CVE-2020-28859	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200218	8.8	HIGH Network	openasset	digital_asset_management	OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was intentionally made by the user, allowing for cross-site request forger…	CWE-352 Origin Validation Error	CVE-2020-28858	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200219	6.1	MEDIUM Network	openasset	digital_asset_management	OpenAsset Digital Asset Management (DAM) through 12.0.19, does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks.	CWE-79 Cross-site Scripting	CVE-2020-28857	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm

200220	7.5	HIGH Network	openasset	digital_asset_management	OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing attackers to spoof it using X-Forwarded-For in the header, by…	CWE-290 Authentication Bypass by Spoofing	CVE-2020-28856	2024-11-21 14:23	2020-12-15	Show	GitHub Exploit DB Packet Storm