Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228161	2.1	注意	Vtiger	-	vtiger CRM における特定ユーザのカレンダー項目を読まれる脆弱性	-	CVE-2007-3601	2012-12-20 18:33	2007-05-31	Show	GitHub Exploit DB Packet Storm

228162	4	警告	Vtiger	-	vtiger CRM の wordintegration コンポーネントにおけるフィールドレベルのセキュリティパーミッションを回避される脆弱性	-	CVE-2007-3600	2012-12-20 18:33	2007-05-9	Show	GitHub Exploit DB Packet Storm

228163	8.5	危険	Vtiger	-	vtiger CRM における連絡先情報をインポートされるなどの脆弱性	-	CVE-2007-3599	2012-12-20 18:33	2007-02-9	Show	GitHub Exploit DB Packet Storm

228164	5.5	警告	Vtiger	-	index.php の vtiger CRM における全ユーザ名などを取得される脆弱性	-	CVE-2007-3598	2012-12-20 18:33	2007-02-5	Show	GitHub Exploit DB Packet Storm

228165	6.5	警告	Vtiger	-	vtiger CRM の index.php における管理の変更を実行される脆弱性	-	CVE-2007-3616	2012-12-20 18:33	2006-10-24	Show	GitHub Exploit DB Packet Storm

228166	8.5	危険	Zen Cart	-	Zen Cart におけるセッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2007-3597	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

228167	7.5	危険	vbzoom	-	VBZooM の reply.php における SQL インジェクションの脆弱性	-	CVE-2007-3588	2012-12-20 18:33	2007-07-5	Show	GitHub Exploit DB Packet Storm

228168	7.5	危険	postnuke software foundation	-	PNphpBB2 の viewforum.php における SQL インジェクションの脆弱性	-	CVE-2007-3584	2012-12-20 18:33	2007-07-5	Show	GitHub Exploit DB Packet Storm

228169	4.3	警告	PHPIDS	-	PHPIDS における任意の Web スクリプトを挿入される脆弱性	-	CVE-2007-3580	2012-12-20 18:33	2007-07-2	Show	GitHub Exploit DB Packet Storm

228170	4.3	警告	PHPIDS	-	PHPIDS における任意の Web スクリプトを挿入される脆弱性	-	CVE-2007-3579	2012-12-20 18:33	2007-07-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209971	7.5	HIGH Network	wavlink	wl-wn575a3_firmware wl-wn579g3_firmware wn531a6_firmware wn535g3_firmware wn530h4_firmware wn57x93_firmware wn572hg3_firmware wn575a4_firmware wn578a2_firmware wn579g3_firm…	An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication i…	CWE-306 Missing Authentication for Critical Function	CVE-2020-10974	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

209972	7.5	HIGH Network	wavlink	wn530hg4_firmware wn531g3_firmware wn533a8_firmware wn551k1_firmware	An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configurati…	CWE-306 Missing Authentication for Critical Function	CVE-2020-10973	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

209973	7.5	HIGH Network	wavlink	wn530hg4_firmware wn531g3_firmware wn572hg3_firmware	An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a ce…	CWE-306 CWE-522 Missing Authentication for Critical Function Insufficiently Protected Credentials	CVE-2020-10972	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

209974	8.8	HIGH Network	wavlink	wl-wn575a3_firmware wl-wn530hg4_firmware wl-wn579g3_firmware	An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the…	CWE-20 Improper Input Validation	CVE-2020-10971	2024-11-21 13:56	2020-05-8	Show	GitHub Exploit DB Packet Storm

209975	5.4	MEDIUM Network	glpi-project	glpi	In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with conte…	CWE-79 Cross-site Scripting	CVE-2020-11036	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

209976	9.3	CRITICAL Network	glpi-project fedoraproject	glpi fedora	In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values.…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-11035	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

209977	6.1	MEDIUM Network	glpi-project	glpi	In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6.	CWE-601 Open Redirect	CVE-2020-11034	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

209978	7.2	HIGH Network	glpi-project	glpi	In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6.	CWE-89 SQL Injection	CVE-2020-11032	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

209979	6.5	MEDIUM Network	zohocorp	manageengine_desktop_central	Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.	CWE-22 Path Traversal	CVE-2020-10859	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm

209980	7.2	HIGH Network	glpi-project fedoraproject	glpi fedora	In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All ap…	CWE-200 Information Exposure	CVE-2020-11033	2024-11-21 13:56	2020-05-6	Show	GitHub Exploit DB Packet Storm