Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228281 4.4 警告 PWI, Inc. - Privatefirewall におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4968 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228282 5 警告 Gilles Vollant - WinImage におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4964 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228283 9.3 危険 Gilles Vollant - WinImage におけるコピー先のファイル名を偽造される脆弱性 CWE-Other
その他 		CVE-2007-4963 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228284 9.3 危険 Gilles Vollant - WinImage におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4962 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228285 4.3 警告 TinyWebGallery - TWG におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4958 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228286 7.5 危険 simpcms - SimpCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4953 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228287 5.1 警告 webmedia explorer - webmex における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4948 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228288 6.8 警告 phpffl - phpFFL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4935 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228289 4.6 警告 phpffl - phpFFL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4934 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
228290 7.5 危険 shop-script - Shop-Script の includes/admin/sub/conf_appearence.php における任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4933 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200931 6.1 MEDIUM
Network 		projectworlds travel_management_system XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field CWE-79
Cross-site Scripting 		CVE-2020-29205 2024-11-21 14:23 2021-05-18 Show GitHub Exploit DB Packet Storm
200932 5.4 MEDIUM
Network 		deskpro deskpro Deskpro Cloud Platform and on-premise 2020.2.3.48207 from 2020-07-30 contains a cross-site scripting (XSS) vulnerability that can lead to an account takeover via custom email templates. CWE-79
Cross-site Scripting 		CVE-2020-28722 2024-11-21 14:23 2021-05-13 Show GitHub Exploit DB Packet Storm
200933 6.1 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item. CWE-79
Cross-site Scripting 		CVE-2020-28945 2024-11-21 14:23 2021-05-4 Show GitHub Exploit DB Packet Storm
200934 7.5 HIGH
Network 		open-xchange ox_guard OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-28944 2024-11-21 14:23 2021-05-1 Show GitHub Exploit DB Packet Storm
200935 6.5 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite 7.10.4 and earlier allows SSRF via a snippet. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-28943 2024-11-21 14:23 2021-05-1 Show GitHub Exploit DB Packet Storm
200936 7.5 HIGH
Network 		abus secvest_wireless_alarm_system_fuaa50000_firmware The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive inform… CWE-287
Improper Authentication 		CVE-2020-28973 2024-11-21 14:23 2021-04-22 Show GitHub Exploit DB Packet Storm
200937 5.3 MEDIUM
Network 		resourcexpress resourcexpress In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation. CWE-20
 Improper Input Validation  		CVE-2020-28898 2024-11-21 14:23 2021-04-16 Show GitHub Exploit DB Packet Storm
200938 9.8 CRITICAL
Network 		monitorr monitorr An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation/_register.php allows an unauthorized person to create valid credentials. CWE-863
 Incorrect Authorization 		CVE-2020-28872 2024-11-21 14:23 2021-04-12 Show GitHub Exploit DB Packet Storm
200939 8.8 HIGH
Adjacent 		askey rtf3505vw-n1_br_sv_g000_r3505vwn1001_s32_7_firmware Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution and retrieval of admin credentials to log into the Dashboard or login via SSH, leading to code execut… CWE-78
OS Command  		CVE-2020-28695 2024-11-21 14:23 2021-03-27 Show GitHub Exploit DB Packet Storm
200940 7.5 HIGH
Network 		fluxbb fluxbb Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will res… CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2020-28873 2024-11-21 14:23 2021-03-17 Show GitHub Exploit DB Packet Storm