Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228441 7.5 危険 XOOPS - XOOPS 用の wfquotes モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2571 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228442 7.5 危険 practical creative and code - Friendly における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2569 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228443 9.3 危険 vcdgear - VCDGear におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2568 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
228444 9.3 危険 taltech - Taltech Tal Bar Code ActiveX コントロールの SaveBarCode 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2567 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228445 5 警告 taltech - Taltech Tal Bar Code ActiveX コントロールの SaveBarCode 関数におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2566 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228446 10 危険 sienzo - Sienzo DMM ActiveX コントロール におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2564 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228447 9.3 危険 versalsoft - VersalSoft HTTP File Upload ActiveX コントロール の AddFile 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2563 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228448 4.3 警告 podium cms - Podium CMS の Default.aspx におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-2555 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228449 5 警告 Wikka Development Team - WikkaWiki の RecentChanges 機能における非公開ページの名前などを取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-2552 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228450 4.3 警告 Wikka Development Team - WikkaWiki の usersettings.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2551 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196531 6.5 MEDIUM
Network 		vmware spring_cloud_config Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-co… CWE-22
Path Traversal 		CVE-2020-5405 2024-11-21 14:34 2020-03-6 Show GitHub Exploit DB Packet Storm
196532 8.8 HIGH
Adjacent 		plathome openblocks_iot_vx2_firmware OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors. CWE-287
Improper Authentication 		CVE-2020-5536 2024-11-21 14:34 2020-03-4 Show GitHub Exploit DB Packet Storm
196533 8.8 HIGH
Adjacent 		plathome openblocks_iot_vx2_firmware OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. CWE-78
OS Command  		CVE-2020-5535 2024-11-21 14:34 2020-03-4 Show GitHub Exploit DB Packet Storm
196534 7.5 HIGH
Network 		pivotal reactor_netty Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response. CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2020-5403 2024-11-21 14:34 2020-03-4 Show GitHub Exploit DB Packet Storm
196535 5.9 MEDIUM
Network 		pivotal reactor_netty The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. I… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-5404 2024-11-21 14:34 2020-03-4 Show GitHub Exploit DB Packet Storm
196536 6.5 MEDIUM
Network 		grandit grandit GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the informa… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-5539 2024-11-21 14:34 2020-03-2 Show GitHub Exploit DB Packet Storm
196537 8.8 HIGH
Network 		cloudfoundry cf-deployment
user_account_and_authentication 		In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity pr… CWE-352
 Origin Validation Error 		CVE-2020-5402 2024-11-21 14:34 2020-02-28 Show GitHub Exploit DB Packet Storm
196538 5.3 MEDIUM
Network 		cloudfoundry routing_release Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients try… CWE-444
HTTP Request Smuggling 		CVE-2020-5401 2024-11-21 14:34 2020-02-28 Show GitHub Exploit DB Packet Storm
196539 6.5 MEDIUM
Network 		cloudfoundry cf-deployment
capi-release 		Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the j… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2020-5400 2024-11-21 14:34 2020-02-28 Show GitHub Exploit DB Packet Storm
196540 8.8 HIGH
Adjacent 		nec aterm_wg2600hs_firmware
aterm_wf1200c_firmware
aterm_wg1200cr_firmware 		Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment t… CWE-78
OS Command  		CVE-2020-5524 2024-11-21 14:34 2020-02-21 Show GitHub Exploit DB Packet Storm