Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228691 7.5 危険 xecms - xeCMS の view.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6508 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
228692 10 危険 トレンドマイクロ - Windows 用の Trend Micro ServerProtect における "ファイルシステムの全アクセス権限" を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6507 2012-12-20 18:34 2007-07-27 Show GitHub Exploit DB Packet Storm
228693 4.9 警告 plain black - Plain Black WebGUI における管理アカウントを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6487 2012-12-20 18:34 2007-12-20 Show GitHub Exploit DB Packet Storm
228694 6.8 警告 phprpg - phpRPG の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6484 2012-12-20 18:34 2007-12-20 Show GitHub Exploit DB Packet Storm
228695 7.8 危険 サン・マイクロシステムズ - Sun Ray Server Software の utdevmgrd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-6482 2012-12-20 18:34 2007-12-18 Show GitHub Exploit DB Packet Storm
228696 6.4 警告 サン・マイクロシステムズ - Sun Ray Server Software の utdevmgrd における任意のディレクトリを削除される脆弱性 CWE-DesignError
CVE-2007-6481 2012-12-20 18:34 2007-12-18 Show GitHub Exploit DB Packet Storm
228697 9.4 危険 サン・マイクロシステムズ - Sun MC の Oracle データベースコンポーネントにおける任意のコードを実行される脆弱性 CWE-DesignError
CVE-2007-6480 2012-12-20 18:34 2007-12-18 Show GitHub Exploit DB Packet Storm
228698 6.8 警告 rosoftengineering - Rosoft Media Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6478 2012-12-20 18:34 2007-12-20 Show GitHub Exploit DB Packet Storm
228699 5.8 警告 texas imperial software - Texas Imperial Software WFTPD Pro Explorer におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6473 2012-12-20 18:34 2007-12-20 Show GitHub Exploit DB Packet Storm
228700 7.5 危険 phpmyrealty - PMR における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6472 2012-12-20 18:34 2007-12-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196081 9.8 CRITICAL
Network 		ossec ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog ms… CWE-787
CWE-193
 Out-of-bounds Write
 Off-by-one Error 		CVE-2020-8443 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
196082 8.8 HIGH
Network 		ossec ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authentica… CWE-787
 Out-of-bounds Write 		CVE-2020-8442 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
196083 7.2 HIGH
Network 		arris ruckus_zoneflex_r500_firmware Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IF… CWE-78
OS Command  		CVE-2020-8438 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
196084 9.8 CRITICAL
Network 		denx
opensuse 		u-boot
leap 		In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute… CWE-787
CWE-415
 Out-of-bounds Write
 Double Free 		CVE-2020-8432 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
196085 7.5 HIGH
Network 		iktm bearftp IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large volume of connections to the PASV mode port. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-8416 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
196086 8.8 HIGH
Network 		webargs_project webargs flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. If the request body is valid JSON, it will accept it even if the … CWE-352
 Origin Validation Error 		CVE-2020-7965 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
196087 7.1 HIGH
Local 		linux linux_kernel fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel … CWE-416
 Use After Free 		CVE-2020-8428 2024-11-21 14:38 2020-01-29 Show GitHub Exploit DB Packet Storm
196088 5.4 MEDIUM
Network 		elementor website_builder The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting an authenticated user. CWE-79
Cross-site Scripting 		CVE-2020-8426 2024-11-21 14:38 2020-01-29 Show GitHub Exploit DB Packet Storm
196089 6.5 MEDIUM
Network 		cups_easy_\(purchase_\&_inventory\)_project cups_easy_\(purchase_\&_inventory\) Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php. CWE-352
 Origin Validation Error 		CVE-2020-8425 2024-11-21 14:38 2020-01-29 Show GitHub Exploit DB Packet Storm
196090 8.8 HIGH
Network 		cups_easy_project cups_easy Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php. CWE-352
 Origin Validation Error 		CVE-2020-8424 2024-11-21 14:38 2020-01-29 Show GitHub Exploit DB Packet Storm