Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228311	4.3	警告	Real Time Logic	-	BarracudaDrive Web Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6316	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

228312	4	警告	Real Time Logic	-	Group Chat の BarracudaDrive Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2007-6315	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

228313	5	警告	Real Time Logic	-	BarracudaDrive Web Server における Web スクリプトに対するソースコードを読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2007-6314	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

228314	4.3	警告	ウェブセンス	-	Websense Enterprise および Web Security Suite の Web Reporting Tools portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6312	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

228315	4.3	警告	webSPELL	-	webSPELL の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6309	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

228316	5	警告	phpmychat	-	phpMyChat の users_popupL.php3 における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-6296	2012-12-20 18:34	2007-12-10	Show	GitHub Exploit DB Packet Storm

228317	7.5	危険	xigla	-	Xigla Absolute Banner Manager .NET の abm.aspx における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6291	2012-12-20 18:34	2007-12-10	Show	GitHub Exploit DB Packet Storm

228318	7.5	危険	tecnick.com	-	TCExam における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6288	2012-12-20 18:34	2007-12-10	Show	GitHub Exploit DB Packet Storm

228319	10	危険	stbernard	-	St. Bernard Open File Manager の Open File Manager service におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6281	2012-12-20 18:34	2007-12-19	Show	GitHub Exploit DB Packet Storm

228320	9.3	危険	SonicWALL	-	SonicWALL GLobal VPN Client のコンフィギュレーションファイルにおけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2007-6273	2012-12-20 18:34	2007-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196151	9.8	CRITICAL Network	nodemailer	nodemailer	This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.	CWE-88 Argument Injection	CVE-2020-7769	2024-11-21 14:37	2020-11-12	Show	GitHub Exploit DB Packet Storm

196152	9.8	CRITICAL Network	grpc	grpc	The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7768	2024-11-21 14:37	2020-11-11	Show	GitHub Exploit DB Packet Storm

196153	5.3	MEDIUM Network	express-validators_project	express-validators	All versions of package express-validators are vulnerable to Regular Expression Denial of Service (ReDoS) when validating specifically-crafted invalid urls.	CWE-400 Uncontrolled Resource Consumption	CVE-2020-7767	2024-11-21 14:37	2020-11-11	Show	GitHub Exploit DB Packet Storm

196154	7.2	HIGH Network	mcafee	mvision_endpoint	Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully co…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-7329	2024-11-21 14:37	2020-11-11	Show	GitHub Exploit DB Packet Storm

196155	7.2	HIGH Network	mcafee	mvision_endpoint	External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via impro…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-7328	2024-11-21 14:37	2020-11-11	Show	GitHub Exploit DB Packet Storm

196156	9.8	CRITICAL Network	json-ptr_project	json-ptr	This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the force flag is set to true.…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7766	2024-11-21 14:37	2020-11-11	Show	GitHub Exploit DB Packet Storm

196157	7.5	HIGH Network	find-my-way_project	find-my-way	This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. It accepts the Accept-Version' header by default, and if versioned routes are not being used, this could lead to a deni…	CWE-444 HTTP Request Smuggling	CVE-2020-7764	2024-11-21 14:37	2020-11-9	Show	GitHub Exploit DB Packet Storm

196158	7.5	HIGH Network	jsreport	phantom-html-to-pdf	This affects the package phantom-html-to-pdf before 0.6.1.	CWE-22 Path Traversal	CVE-2020-7763	2024-11-21 14:37	2020-11-5	Show	GitHub Exploit DB Packet Storm

196159	6.5	MEDIUM Network	jsreport	jsreport-chrome-pdf	This affects the package jsreport-chrome-pdf before 1.10.0.	CWE-22 Path Traversal	CVE-2020-7762	2024-11-21 14:37	2020-11-5	Show	GitHub Exploit DB Packet Storm

196160	5.3	MEDIUM Network	absolunet	kafe	This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails.	NVD-CWE-noinfo	CVE-2020-7761	2024-11-21 14:37	2020-11-5	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed