Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228981	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性	-	CVE-2007-3423	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228982	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/subs.pl における脆弱性	-	CVE-2007-3422	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228983	7.5	危険	web-app.org	-	web-app.org WebAPP のログイン機能などにおける脆弱性	-	CVE-2007-3421	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228984	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/subs.pl における脆弱性	-	CVE-2007-3420	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228985	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/user.pl における脆弱性	-	CVE-2007-3419	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228986	6.5	警告	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/forum_display.pl における他のユーザになりすまされる脆弱性	-	CVE-2007-3418	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228987	4.3	警告	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/search.pl におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3417	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228988	5	警告	web-app.org web-app.net	-	web-app.org WebAPP などのプロフィールなどの管理におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-3416	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228989	7.5	危険	phpraider	-	phpRaider の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3415	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

228990	5	警告	sergey lyubka	-	Sergey Lyubka Simple HTTPD における重要な情報を取得される脆弱性	-	CVE-2007-3407	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200671	7.5	HIGH Network	keysight	keysight_database_connector	An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submi…	CWE-89 SQL Injection	CVE-2020-35122	2024-11-21 14:26	2020-12-16	Show	GitHub Exploit DB Packet Storm

200672	8.8	HIGH Network	keysight	database_connector	An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a…	NVD-CWE-noinfo	CVE-2020-35121	2024-11-21 14:26	2020-12-16	Show	GitHub Exploit DB Packet Storm

200673	5.7	MEDIUM Physics	logmein	lastpass	An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authent…	CWE-287 Improper Authentication	CVE-2020-35208	2024-11-21 14:26	2020-12-13	Show	GitHub Exploit DB Packet Storm

200674	5.7	MEDIUM Physics	logmein	lastpass	An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authenticati…	CWE-287 Improper Authentication	CVE-2020-35207	2024-11-21 14:26	2020-12-13	Show	GitHub Exploit DB Packet Storm

200675	5.4	MEDIUM Network	igniterealtime	openfire	Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.	CWE-79 Cross-site Scripting	CVE-2020-35202	2024-11-21 14:26	2020-12-13	Show	GitHub Exploit DB Packet Storm

200676	5.4	MEDIUM Network	igniterealtime	openfire	Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.	CWE-79 Cross-site Scripting	CVE-2020-35201	2024-11-21 14:26	2020-12-13	Show	GitHub Exploit DB Packet Storm

200677	6.1	MEDIUM Network	igniterealtime	openfire	Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.	CWE-79 Cross-site Scripting	CVE-2020-35200	2024-11-21 14:26	2020-12-13	Show	GitHub Exploit DB Packet Storm

200678	5.4	MEDIUM Network	igniterealtime	openfire	Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.	CWE-79 Cross-site Scripting	CVE-2020-35199	2024-11-21 14:26	2020-12-13	Show	GitHub Exploit DB Packet Storm

200679	5.3	MEDIUM Network	awstats debian fedoraproject	awstats debian_linux fedora	In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf fo…	CWE-22 Path Traversal	CVE-2020-35176	2024-11-21 14:26	2020-12-12	Show	GitHub Exploit DB Packet Storm

200680	5.3	MEDIUM Network	frappe	frappe	Frappe Framework 12 and 13 does not properly validate the HTTP method for the frappe.client API.	NVD-CWE-noinfo	CVE-2020-35175	2024-11-21 14:26	2020-12-12	Show	GitHub Exploit DB Packet Storm