Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228881	6.8	警告	sweetphp	-	TotalCalendar の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7055	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

228882	6.8	警告	Wikka Development Team	-	WikkaWiki におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7050	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

228883	7.5	危険	Wikka Development Team	-	WikkaWiki の Method メソッドにおけるアクセス制限を回避される脆弱性	-	CVE-2006-7049	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

228884	5	警告	shoutpro	-	Shoutpro の include.php における禁止 IP 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2006-7047	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

228885	7.8	危険	super link exchange script	-	Super Link Exchange Script の make_thumbnail.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-7035	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

228886	7.5	危険	super link exchange script	-	Super Link Exchange Script の directory.php における SQL インジェクションの脆弱性	-	CVE-2006-7034	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

228887	6.8	警告	super link exchange script	-	Super Link Exchange Script におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7033	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

228888	10	危険	tufat	-	FlashBB の phpbb/getmsg.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7032	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

228889	7.8	危険	サン・マイクロシステムズ	-	Netra など Solaris が稼動しているシングル CPU Sun システムにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-7028	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

228890	7.5	危険	sangwan kim	-	Bookmark4U の admin/config.php における SQL インジェクションの脆弱性	-	CVE-2006-7025	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197821	5.4	MEDIUM Network	lavalite	lavalite	A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload en…	CWE-79 Cross-site Scripting	CVE-2020-36396	2024-11-21 14:29	2021-07-3	Show	GitHub Exploit DB Packet Storm

197822	5.4	MEDIUM Network	lavalite	lavalite	A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload ent…	CWE-79 Cross-site Scripting	CVE-2020-36395	2024-11-21 14:29	2021-07-3	Show	GitHub Exploit DB Packet Storm

197823	8.8	HIGH Network	aomedia	libavif	libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid.	CWE-787 Out-of-bounds Write	CVE-2020-36407	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197824	8.8	HIGH Network	uwebsockets_project	uwebsockets	uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue …	CWE-787 Out-of-bounds Write	CVE-2020-36406	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197825	7.8	HIGH Local	keystone-engine	keystone_engine	Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken.	CWE-416 Use After Free	CVE-2020-36405	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197826	7.8	HIGH Local	keystone-engine	keystone	Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl.	CWE-763 Release of Invalid Pointer or Reference	CVE-2020-36404	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197827	8.8	HIGH Network	htslib	htslib	HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read).	CWE-787 Out-of-bounds Write	CVE-2020-36403	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197828	7.8	HIGH Local	soliditylang	solidity	Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a co…	CWE-787 Out-of-bounds Write	CVE-2020-36402	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197829	7.8	HIGH Local	mruby	mruby	mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).	CWE-415 Double Free	CVE-2020-36401	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm

197830	9.8	CRITICAL Network	zeromq	libzmq	ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.	CWE-787 Out-of-bounds Write	CVE-2020-36400	2024-11-21 14:29	2021-07-1	Show	GitHub Exploit DB Packet Storm