Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228281 6.5 警告 TYPO3 Association - TYPO3 用の indexed_search システムエクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6381 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
228282 5 警告 WordPress.org - WordPress 用の PictPress プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6369 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
228283 4.3 警告 sinecms - SineCMS の guestbook におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6367 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
228284 7.5 危険 sinecms - SineCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6366 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
228285 7.8 危険 サン・マイクロシステムズ - Sun XSCF XCP におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-6360 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228286 8.5 危険 scponly - scponly におけるコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6350 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
228287 6.8 警告 SquirrelMail Project - SquirrelMail における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6348 2012-12-20 18:34 2007-12-14 Show GitHub Exploit DB Packet Storm
228288 6.8 警告 prowizard - prowiz におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6510 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
228289 7.5 危険 xecms - xeCMS の view.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6508 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
228290 10 危険 トレンドマイクロ - Windows 用の Trend Micro ServerProtect における "ファイルシステムの全アクセス権限" を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6507 2012-12-20 18:34 2007-07-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196051 6.1 MEDIUM
Network 		revive-adserver revive_adserver A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session … CWE-79
Cross-site Scripting 		CVE-2020-8115 2024-11-21 14:38 2020-02-5 Show GitHub Exploit DB Packet Storm
196052 9.8 CRITICAL
Network 		phpabook_project phpabook An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password. CWE-287
Improper Authentication 		CVE-2020-8510 2024-11-21 14:38 2020-02-4 Show GitHub Exploit DB Packet Storm
196053 4.3 MEDIUM
Network 		prototypejs prototype Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field. CWE-862
 Missing Authorization 		CVE-2020-7993 2024-11-21 14:38 2020-02-4 Show GitHub Exploit DB Packet Storm
196054 9.8 CRITICAL
Network 		norman malware_cleaner nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled. CWE-787
 Out-of-bounds Write 		CVE-2020-8508 2024-11-21 14:38 2020-02-3 Show GitHub Exploit DB Packet Storm
196055 6.1 MEDIUM
Network 		maxum rumpus An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functiona… CWE-79
Cross-site Scripting 		CVE-2020-8514 2024-11-21 14:38 2020-02-3 Show GitHub Exploit DB Packet Storm
196056 5.3 MEDIUM
Network 		torproject tor The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to di… NVD-CWE-noinfo
CVE-2020-8516 2024-11-21 14:38 2020-02-2 Show GitHub Exploit DB Packet Storm
196057 9.8 CRITICAL
Network 		draytek vigor2960_firmware
vigor300b_firmware
vigor3900_firmware 		DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacter… CWE-78
OS Command  		CVE-2020-8515 2024-11-21 14:38 2020-02-1 Show GitHub Exploit DB Packet Storm
196058 6.1 MEDIUM
Network 		icewarp icewarp_server In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter. CWE-79
Cross-site Scripting 		CVE-2020-8512 2024-11-21 14:38 2020-02-1 Show GitHub Exploit DB Packet Storm
196059 6.5 MEDIUM
Network 		arox school_management_software_php\/mysql School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user. CWE-352
 Origin Validation Error 		CVE-2020-8505 2024-11-21 14:38 2020-02-1 Show GitHub Exploit DB Packet Storm
196060 6.5 MEDIUM
Network 		arox school_management_software_php\/mysql School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user. CWE-352
 Origin Validation Error 		CVE-2020-8504 2024-11-21 14:38 2020-02-1 Show GitHub Exploit DB Packet Storm