Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228111	6	警告	TortoiseSVN CollabNet, Inc.	-	TortoiseSVN で使用されている Subversion におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-3846	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

228112	9	危険	Pidgin	-	Linux 用の Pidgin における特定のコマンドを実行される脆弱性	-	CVE-2007-3841	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

228113	7.5	危険	sitetrafficstats	-	Traffic Stats の referralUrl.php における SQL インジェクションの脆弱性	-	CVE-2007-3840	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

228114	4	警告	tbdev.net	-	TBDev.NET の takeprofedit.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3839	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

228115	2.6	注意	tbdev.net	-	takeprofedit.php の takeprofedit.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3838	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

228116	4.9	警告	republike slovenije	-	PIRS の pirs32.exe におけるバッファオーバーフローの脆弱性	-	CVE-2007-3815	2012-12-20 18:33	2007-07-16	Show	GitHub Exploit DB Packet Storm

228117	7.5	危険	prozilla	-	Prozilla Directory Script における SQL インジェクションの脆弱性	-	CVE-2007-3809	2012-12-20 18:33	2007-07-16	Show	GitHub Exploit DB Packet Storm

228118	2.6	注意	sitescape	-	SiteScape Forum におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3807	2012-12-20 18:33	2007-07-16	Show	GitHub Exploit DB Packet Storm

228119	6	警告	シマンテック	-	Symantec AntiVirus Corporate Edition および Client Security の RTVScan コンポーネントにおける権限を取得される脆弱性	-	CVE-2007-3800	2012-12-20 18:33	2007-07-11	Show	GitHub Exploit DB Packet Storm

228120	7.5	危険	policyd	-	Postfix 用の Cami Sardinha などの sockets.c の w_read 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-3791	2012-12-20 18:33	2007-07-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210661	7.5	HIGH Network	yubico	yubikey_one_time_password_validation_server	The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a denial of service, aka SQL injection. NOTE: this issue …	CWE-89 SQL Injection	CVE-2020-10184	2024-11-21 13:54	2020-03-6	Show	GitHub Exploit DB Packet Storm

210662	9.8	CRITICAL Network	eset	nod32_antivirus smart_security mobile_security smart_tv_security cyber_security	The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antiviru…	CWE-436 Interpretation Conflict	CVE-2020-10180	2024-11-21 13:54	2020-03-6	Show	GitHub Exploit DB Packet Storm

210663	7.0	HIGH Local	timeshift_project fedoraproject canonical	timeshift fedora ubuntu_linux	init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses…	CWE-362 CWE-59 Race Condition Link Following	CVE-2020-10174	2024-11-21 13:54	2020-03-6	Show	GitHub Exploit DB Packet Storm

210664	8.8	HIGH Network	comtrend	vr-3033_firmware	Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metac…	CWE-78 OS Command	CVE-2020-10173	2024-11-21 13:54	2020-03-6	Show	GitHub Exploit DB Packet Storm

210665	5.4	MEDIUM Network	phpgurukul	daily_expense_tracker_system	PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php.	CWE-79 Cross-site Scripting	CVE-2020-10107	2024-11-21 13:54	2020-03-5	Show	GitHub Exploit DB Packet Storm

210666	9.8	CRITICAL Network	phpgurukul	daily_expense_tracker_system	PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. The SQL injection allows to dump the MySQL database an…	CWE-89 SQL Injection	CVE-2020-10106	2024-11-21 13:54	2020-03-5	Show	GitHub Exploit DB Packet Storm

210667	5.3	MEDIUM Network	zammad	zammad	An issue was discovered in Zammad 3.0 through 3.2. It returns source code of static resources when submitting an OPTIONS request, rather than a GET request. Disclosure of source code allows for an at…	CWE-552 Files or Directories Accessible to External Parties	CVE-2020-10105	2024-11-21 13:54	2020-03-5	Show	GitHub Exploit DB Packet Storm

210668	4.3	MEDIUM Network	zammad	zammad	An issue was discovered in Zammad 3.0 through 3.2. After authentication, it transmits sensitive information to the user that may be compromised and used by an attacker to gain unauthorized access. Ha…	CWE-200 Information Exposure	CVE-2020-10104	2024-11-21 13:54	2020-03-5	Show	GitHub Exploit DB Packet Storm

210669	5.4	MEDIUM Network	zammad	zammad	An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code can be provided by a low-privileged user through the File Upload functionality in Zammad. The malicious JavaScript will execute w…	CWE-79 Cross-site Scripting	CVE-2020-10103	2024-11-21 13:54	2020-03-5	Show	GitHub Exploit DB Packet Storm

210670	7.5	HIGH Network	zammad	zammad	An issue was discovered in Zammad 3.0 through 3.2. The WebSocket server crashes when messages in non-JSON format are sent by an attacker. The message format is not properly checked and parsing errors…	CWE-20 CWE-755 Improper Input Validation Improper Handling of Exceptional Conditions	CVE-2020-10101	2024-11-21 13:54	2020-03-5	Show	GitHub Exploit DB Packet Storm