Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228981	6.8	警告	phpxmldom	-	phpXD における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0511	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228982	10	危険	vote pro	-	Vote! Pro の poll_frame.php における任意の PHP コードを実行される脆弱性	-	CVE-2007-0504	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228983	7.5	危険	webSPELL	-	webSPELL の gallery.php における SQL インジェクションの脆弱性	-	CVE-2007-0502	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228984	6.8	警告	sangwan kim	-	Sangwan Kim phpIndexPage の config.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-0499	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228985	7.5	危険	sky gunning	-	MySpeach の up.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0498	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228986	6.8	警告	upload-service	-	Upload-Service の upload/top.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0497	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228987	10	危険	phpsherpa	-	PhpSherpa の include/config.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0495	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

228988	7.5	危険	webSPELL	-	webSPELL の gallery.php における SQL インジェクションの脆弱性	-	CVE-2007-0492	2012-12-20 18:19	2007-01-24	Show	GitHub Exploit DB Packet Storm

228989	6.8	警告	sky gunning	-	Sky GUNNING MySpeach の up.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0491	2012-12-20 18:19	2007-01-24	Show	GitHub Exploit DB Packet Storm

228990	6.8	警告	visohotlink	-	VisoHotlink の includes/functions.visohotlink.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0489	2012-12-20 18:19	2007-01-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197211	5.4	MEDIUM Network	ibm	rational_quality_manager rational_team_concert rational_collaborative_lifecycle_management rational_doors_next_generation rational_engineering_lifecycle_manager doors_next engineeri…	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…	CWE-79 Cross-site Scripting	CVE-2020-4546	2024-11-21 14:32	2020-09-3	Show	GitHub Exploit DB Packet Storm

197212	5.4	MEDIUM Network	ibm	rational_quality_manager rational_team_concert rational_collaborative_lifecycle_management rational_doors_next_generation rational_engineering_lifecycle_manager doors_next engineeri…	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…	CWE-79 Cross-site Scripting	CVE-2020-4522	2024-11-21 14:32	2020-09-3	Show	GitHub Exploit DB Packet Storm

197213	5.4	MEDIUM Network	ibm	rational_quality_manager rational_team_concert rational_collaborative_lifecycle_management rational_doors_next_generation rational_engineering_lifecycle_manager doors_next engineeri…	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…	CWE-79 Cross-site Scripting	CVE-2020-4445	2024-11-21 14:32	2020-09-3	Show	GitHub Exploit DB Packet Storm

197214	5.5	MEDIUM Local	ibm	spectrum_scale	IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device w…	CWE-88 Argument Injection	CVE-2020-4492	2024-11-21 14:32	2020-08-31	Show	GitHub Exploit DB Packet Storm

197215	3.3	LOW Local	ibm	spectrum_protect_server	IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted c…	CWE-311 Missing Encryption of Sensitive Data	CVE-2020-4591	2024-11-21 14:32	2020-08-29	Show	GitHub Exploit DB Packet Storm

197216	7.5	HIGH Network	ibm	spectrum_protect	IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613.	CWE-20 Improper Input Validation	CVE-2020-4559	2024-11-21 14:32	2020-08-29	Show	GitHub Exploit DB Packet Storm

197217	7.2	HIGH Network	ibm	security_guardium_insights	IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other wea…	CWE-269 Improper Privilege Management	CVE-2020-4603	2024-11-21 14:32	2020-08-27	Show	GitHub Exploit DB Packet Storm

197218	6.1	MEDIUM Network	ibm	websphere_virtual_enterprise websphere_application_server	IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.	CWE-79 Cross-site Scripting	CVE-2020-4575	2024-11-21 14:32	2020-08-27	Show	GitHub Exploit DB Packet Storm

197219	5.9	MEDIUM Network	ibm	security_guardium_insights	IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit …	CWE-862 Missing Authorization	CVE-2020-4175	2024-11-21 14:32	2020-08-27	Show	GitHub Exploit DB Packet Storm

197220	7.5	HIGH Network	ibm	security_guardium_insights	IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683.	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-4174	2024-11-21 14:32	2020-08-27	Show	GitHub Exploit DB Packet Storm