Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228531 6.8 警告 softpedia - Softonic International SciTE における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5315 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228532 6.8 警告 xkiosk - xKiosk WEB の system/funcs/xkurl.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5314 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228533 7.5 危険 script-solution.de - Picturesolution の install/config.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5313 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228534 4.3 警告 torrenttrader - TorrentTrader Classic におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5312 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228535 7.5 危険 torrenttrader - TorrentTrader Classic Edition の backend/admin-functions.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5311 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228536 7.5 危険 yannick tanguy - ELSEIF CMS における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5307 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228537 5 警告 yannick tanguy - ELSEIF CMS における重要な情報を取得される脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5306 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228538 7.5 危険 yannick tanguy - ELSEIF CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5305 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228539 4.3 警告 yannick tanguy - ELSEIF CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5304 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
228540 4.3 警告 snewscms - SnewsCMS Rus の news_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5303 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209471 7.8 HIGH
Local 		softmaker planmaker_2021 An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause… CWE-787
 Out-of-bounds Write 		CVE-2020-13580 2024-11-21 14:01 2021-02-4 Show GitHub Exploit DB Packet Storm
209472 7.8 HIGH
Local 		softmaker planmaker_2021 An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the docum… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2020-13579 2024-11-21 14:01 2021-02-4 Show GitHub Exploit DB Packet Storm
209473 6.1 MEDIUM
Network 		phpgacl_project
open-emr 		phpgacl
openemr 		A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a craf… CWE-79
Cross-site Scripting 		CVE-2020-13564 2024-11-21 14:01 2021-02-2 Show GitHub Exploit DB Packet Storm
209474 6.1 MEDIUM
Network 		phpgacl_project
open-emr 		phpgacl
openemr 		A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a craf… CWE-79
Cross-site Scripting 		CVE-2020-13563 2024-11-21 14:01 2021-02-2 Show GitHub Exploit DB Packet Storm
209475 6.1 MEDIUM
Network 		phpgacl_project
open-emr 		phpgacl
openemr 		A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a craf… CWE-79
Cross-site Scripting 		CVE-2020-13562 2024-11-21 14:01 2021-02-2 Show GitHub Exploit DB Packet Storm
209476 8.8 HIGH
Network 		open-emr openemr A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP … CWE-352
 Origin Validation Error 		CVE-2020-13569 2024-11-21 14:01 2021-01-28 Show GitHub Exploit DB Packet Storm
209477 7.5 HIGH
Network 		silabs micrium_uc-http A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP requ… CWE-476
 NULL Pointer Dereference 		CVE-2020-13582 2024-11-21 14:01 2021-01-27 Show GitHub Exploit DB Packet Storm
209478 7.5 HIGH
Network 		freyrscada iec-60879-5-104_server_simulator A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC-60879-5-104 Server Simulator 21.04.028. A specially crafted packet can lead to denial of service. An at… CWE-697
 Incorrect Comparison 		CVE-2020-13559 2024-11-21 14:01 2021-01-12 Show GitHub Exploit DB Packet Storm
209479 9.8 CRITICAL
Network 		thecodingmachine gotenberg In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution. CWE-276
Incorrect Default Permissions  		CVE-2020-13452 2024-11-21 14:01 2021-01-8 Show GitHub Exploit DB Packet Storm
209480 9.8 CRITICAL
Network 		thecodingmachine gotenberg An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros. CWE-459
 Incomplete Cleanup 		CVE-2020-13451 2024-11-21 14:01 2021-01-8 Show GitHub Exploit DB Packet Storm