Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228021	4.3	警告	ZyXEL	-	Zyxel Zywall 2 デバイス上で稼動する ZyNOS の管理インターフェースにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4318	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228022	4.3	警告	ZyXEL	-	Zyxel Zywall 2 デバイス上で稼動する ZyNOS の管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2007-4317	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228023	4.3	警告	ZyXEL	-	Zyxel Zywall 2 上で稼動する ZyNOS の管理インターフェースにおける管理アクションを実行される脆弱性	-	CVE-2007-4316	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228024	6.8	警告	pixlie	-	Pixlie の pixlie.php におけるリモートディレクトリツリーのファイルを読み込まれる脆弱性	-	CVE-2007-4314	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228025	4.3	警告	サン・マイクロシステムズ	-	Sun Solaris の finger デーモンにおける特定の非標準 GECOS フィールドを伴うアカウントを全てリスト化される脆弱性	-	CVE-2007-4310	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228026	4.3	警告	Lamp Design	-	Storesprite におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4307	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228027	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4306	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228028	6.2	警告	systrace Todd C. Miller sysjail	-	NetBSD および OpenBSD 上で稼動している Systrace の Sudo monitor mode などにおけるシステムコール割り込みを無効にされる脆弱性	-	CVE-2007-4305	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228029	6.8	警告	サン・マイクロシステムズ	-	Sun Java System Portal Server における任意の Java メソッドを実行される脆弱性	-	CVE-2007-4289	2012-12-20 18:33	2007-08-3	Show	GitHub Exploit DB Packet Storm

228030	5	警告	s9y	-	Serendipity の entryproperties プラグインにおけるパスワード保護を回避される脆弱性	-	CVE-2007-4282	2012-12-20 18:33	2007-08-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210271	7.8	HIGH Local	freebsd	freebsd	grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow.	CWE-120 Classic Buffer Overflow	CVE-2020-10566	2024-11-21 13:55	2020-03-14	Show	GitHub Exploit DB Packet Storm

210272	7.8	HIGH Local	freebsd	freebsd	grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. Thi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2020-10565	2024-11-21 13:55	2020-03-14	Show	GitHub Exploit DB Packet Storm

210273	9.8	CRITICAL Network	iptanus	wordpress_file_upload	An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because …	CWE-22 Path Traversal	CVE-2020-10564	2024-11-21 13:55	2020-03-14	Show	GitHub Exploit DB Packet Storm

210274	9.8	CRITICAL Network	devome	grr	An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.php mishandles a SQL query.	CWE-89 SQL Injection	CVE-2020-10563	2024-11-21 13:55	2020-03-14	Show	GitHub Exploit DB Packet Storm

210275	7.2	HIGH Network	devome	grr	An issue was discovered in DEVOME GRR before 3.4.1c. admin_edit_room.php mishandles file uploads.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-10562	2024-11-21 13:55	2020-03-14	Show	GitHub Exploit DB Packet Storm

210276	6.1	MEDIUM Network	primetek	primefaces	An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later u…	CWE-79 Cross-site Scripting	CVE-2020-10544	2024-11-21 13:55	2020-03-14	Show	GitHub Exploit DB Packet Storm

210277	9.8	CRITICAL Network	zohocorp	manageengine_opmanager	Zoho ManageEngine OpManager before 12.4.179 allows remote code execution via a specially crafted Mail Server Settings v1 API request. This was fixed in 12.5.108.	NVD-CWE-noinfo	CVE-2020-10541	2024-11-21 13:55	2020-03-13	Show	GitHub Exploit DB Packet Storm

210278	8.8	HIGH Network	untis	webuntis	Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules.	CWE-352 Origin Validation Error	CVE-2020-10540	2024-11-21 13:55	2020-03-13	Show	GitHub Exploit DB Packet Storm

210279	5.3	MEDIUM Network	gitlab	gitlab	GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.	NVD-CWE-noinfo	CVE-2020-10535	2024-11-21 13:55	2020-03-13	Show	GitHub Exploit DB Packet Storm

210280	9.8	CRITICAL Network	mediawiki	mediawiki	In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to t…	CWE-863 Incorrect Authorization	CVE-2020-10534	2024-11-21 13:55	2020-03-13	Show	GitHub Exploit DB Packet Storm