Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228381 6.8 警告 vpasp - VP-ASP Shopping Cart の shopcontent.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2790 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228382 10 危険 rational software - Rational Soft Hidden Administrator における認証を回避される脆弱性 - CVE-2007-2783 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228383 6.8 警告 wikyblog - WikyBlog の include/sessionRegister.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2781 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228384 7.8 危険 psychostats - PsychoStats における重要な情報を取得される脆弱性 - CVE-2007-2780 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228385 7.5 危険 sunlight cms - SunLight CMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2774 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228386 7.5 危険 zomplog - Zomplog の plugins/mp3playlist/mp3playlist.php における SQL インジェクションの脆弱性 - CVE-2007-2773 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228387 9.3 危険 クアルコム - Eudora におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2770 2012-12-20 18:19 2007-05-21 Show GitHub Exploit DB Packet Storm
228388 10 危険 sienzo - Sienzo DMM ActiveX コントロール におけるバッファオーバーフローの脆弱性 - CVE-2007-2763 2012-12-20 18:19 2007-05-18 Show GitHub Exploit DB Packet Storm
228389 9.3 危険 Gilles Vollant - WinImage におけるバッファオーバーフローの脆弱性 - CVE-2007-2758 2012-12-20 18:19 2007-05-18 Show GitHub Exploit DB Packet Storm
228390 10 危険 precisionid barcode - PrecisionID_Barcode.dll の PrecisionID Barcode ActiveX コントロールにおける任意のファイルを上書きされる脆弱性 - CVE-2007-2755 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199921 3.5 LOW
Network 		opencart opencart Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart. CWE-352
 Origin Validation Error 		CVE-2020-28838 2024-11-21 14:23 2020-12-12 Show GitHub Exploit DB Packet Storm
199922 9.8 CRITICAL
Network 		ubilling ubilling Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software. CWE-78
CWE-306
OS Command 
Missing Authentication for Critical Function 		CVE-2020-29311 2024-11-21 14:23 2020-12-11 Show GitHub Exploit DB Packet Storm
199923 5.4 MEDIUM
Network 		online_examination_system_project online_examination_system Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the subject or feedback parameter to feedback.php. CWE-79
Cross-site Scripting 		CVE-2020-29259 2024-11-21 14:23 2020-12-10 Show GitHub Exploit DB Packet Storm
199924 6.1 MEDIUM
Network 		online_examination_system_project online_examination_system Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php. CWE-79
Cross-site Scripting 		CVE-2020-29258 2024-11-21 14:23 2020-12-10 Show GitHub Exploit DB Packet Storm
199925 6.1 MEDIUM
Network 		online_examination_system_project online_examination_system Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php. CWE-79
Cross-site Scripting 		CVE-2020-29257 2024-11-21 14:23 2020-12-10 Show GitHub Exploit DB Packet Storm
199926 7.5 HIGH
Network 		plummac ik-401_firmware An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credenti… CWE-306
Missing Authentication for Critical Function 		CVE-2020-28946 2024-11-21 14:23 2020-12-9 Show GitHub Exploit DB Packet Storm
199927 5.5 MEDIUM
Local 		nlnetlabs
debian 		unbound
name_server_daemon
debian_linux 		NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing … CWE-59
Link Following 		CVE-2020-28935 2024-11-21 14:23 2020-12-8 Show GitHub Exploit DB Packet Storm
199928 6.1 MEDIUM
Network 		seeddms seeddms Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. CWE-79
Cross-site Scripting 		CVE-2020-28727 2024-11-21 14:23 2020-12-7 Show GitHub Exploit DB Packet Storm
199929 7.8 HIGH
Local 		kaspersky anti-ransomware_tool The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-28950 2024-11-21 14:23 2020-12-5 Show GitHub Exploit DB Packet Storm
199930 5.5 MEDIUM
Local 		qemu
debian 		qemu
debian_linux 		hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-28916 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm