Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228231 7.5 危険 W-Agora - w-Agora の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6647 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
228232 6.8 警告 xml2owl - xml2owl の showCode.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6632 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
228233 6.8 警告 pnphpbb - PNphpBB2 の printview.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6624 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
228234 5 警告 zeuscms - ZeusCMS における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6623 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
228235 7.5 危険 zeuscms - ZeusCMS の security.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6622 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
228236 4.3 警告 simpleforum - SimpleForum の simpleforum.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6616 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
228237 5.8 警告 skyfex - SkyFex Client の SkyFexClient.ocx におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6605 2012-12-20 18:34 2007-12-31 Show GitHub Exploit DB Packet Storm
228238 5 警告 xcms - XCMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6604 2012-12-20 18:34 2007-12-31 Show GitHub Exploit DB Packet Storm
228239 4.3 警告 phpcredo - PHCDownload におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6588 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
228240 7.5 危険 Plogger Project - Plogger の plog-rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6587 2012-12-20 18:34 2007-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209511 4.6 MEDIUM
Physics 		apexmic apm32f103_firmware The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling. CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2020-13463 2024-11-21 14:01 2020-09-1 Show GitHub Exploit DB Packet Storm
209512 6.1 MEDIUM
Network 		o-dyn collabtive An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user h… CWE-79
Cross-site Scripting 		CVE-2020-13655 2024-11-21 14:01 2020-09-1 Show GitHub Exploit DB Packet Storm
209513 6.5 MEDIUM
Adjacent 		espressif esp-idf The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion … CWE-617
 Reachable Assertion 		CVE-2020-13595 2024-11-21 14:01 2020-09-1 Show GitHub Exploit DB Packet Storm
209514 6.5 MEDIUM
Adjacent 		espressif esp-idf The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on … CWE-20
 Improper Input Validation  		CVE-2020-13594 2024-11-21 14:01 2020-09-1 Show GitHub Exploit DB Packet Storm
209515 8.8 HIGH
Adjacent 		ti simplelink-cc2640r2_software_development_kit The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connectio… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-13593 2024-11-21 14:01 2020-09-1 Show GitHub Exploit DB Packet Storm
209516 5.9 MEDIUM
Network 		mitel micollab The Mitel MiCollab application before 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS devi… NVD-CWE-noinfo
CVE-2020-13767 2024-11-21 14:01 2020-08-27 Show GitHub Exploit DB Packet Storm
209517 7.5 HIGH
Network 		mitel 6863_firmware
6865_firmware
6867_firmware
6869_firmware
6873_firmware
6940_firmware
6970_firmware
6930_firmware
6920_firmware
6905_firmware
6910_firmware 		The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory han… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2020-13617 2024-11-21 14:01 2020-08-27 Show GitHub Exploit DB Packet Storm
209518 5.4 MEDIUM
Network 		hivemq broker_control_center An issue was discovered in HiveMQ Broker Control Center 4.3.2. A crafted clientid parameter in an MQTT packet (sent to the Broker) is reflected in the client section of the management console. The at… CWE-79
Cross-site Scripting 		CVE-2020-13821 2024-11-21 14:01 2020-08-27 Show GitHub Exploit DB Packet Storm
209519 7.5 HIGH
Network 		aedes_project aedes An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream. CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2020-13410 2024-11-21 14:01 2020-08-27 Show GitHub Exploit DB Packet Storm
209520 8.8 HIGH
Network 		i-doit i-doit A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-13826 2024-11-21 14:01 2020-08-20 Show GitHub Exploit DB Packet Storm