Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229041 7.5 危険 web-app.org
web-app.net		 - web-app.net WebAPP などの Menu Manager Mod における任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-3242 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229042 4.3 警告 WordPress.org - WordPress 用の cordobo-green-park テーマの blogroll.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3241 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229043 4.3 警告 WordPress.org - WordPress 用の Vistered-Little テーマの 404.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3240 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229044 4.3 警告 WordPress.org - WordPress 用の AndyBlue テーマの searchform.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3239 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229045 6 警告 WordPress.org - WordPress のデフォルトテーマの functions.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3238 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229046 6.8 警告 XOOPS - XOOPS 用の TinyContent モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3237 2012-12-20 18:19 2007-06-12 Show GitHub Exploit DB Packet Storm
229047 7.5 危険 XOOPS - XOOPS 用の Horoscope モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3236 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229048 5 警告 tec-it - TEC-IT TBarCode OCX ActiveX コントロール における任意のファイルを上書きされる脆弱性 - CVE-2007-3233 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229049 6.8 警告 simian systems inc - Idan Sofer PHP::HTML の phphtml.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3230 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229050 6.8 警告 singapore - Singapore Gallery の index.php における重要な情報を取得される脆弱性 - CVE-2007-3229 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200571 6.5 MEDIUM
Network 		ovirt
redhat 		ovirt-engine
virtualization 		A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key. - CVE-2020-35497 2024-11-21 14:27 2020-12-22 Show GitHub Exploit DB Packet Storm
200572 9.8 CRITICAL
Network 		egavilanmedia ecm_address_book EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user. CWE-89
SQL Injection 		CVE-2020-35276 2024-11-21 14:27 2020-12-22 Show GitHub Exploit DB Packet Storm
200573 5.4 MEDIUM
Network 		coastercms coastercms Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user can steal a cookie and make the user redirect to any malicious website because it is trigged on the main home page of the product/… CWE-79
Cross-site Scripting 		CVE-2020-35275 2024-11-21 14:27 2020-12-22 Show GitHub Exploit DB Packet Storm
200574 4.8 MEDIUM
Network 		dotcms dotcms DotCMS Add Template with admin panel 20.11 is affected by cross-site Scripting (XSS) to gain remote privileges. An attacker could compromise the security of a website or web application through a sto… CWE-79
Cross-site Scripting 		CVE-2020-35274 2024-11-21 14:27 2020-12-22 Show GitHub Exploit DB Packet Storm
200575 8.0 HIGH
Network 		egavilanmedia user_registration_\&_login_system_with_admin_panel EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any … CWE-352
 Origin Validation Error 		CVE-2020-35273 2024-11-21 14:27 2020-12-22 Show GitHub Exploit DB Packet Storm
200576 9.8 CRITICAL
Network 		limitloginattempts limit_login_attempts_reloaded LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of (per IP address) rate limits because the X-Forwarded-For header can be forged. When t… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2020-35590 2024-11-21 14:27 2020-12-21 Show GitHub Exploit DB Packet Storm
200577 5.4 MEDIUM
Network 		limitloginattempts limit_login_attempts_reloaded The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS. A malicious user can cause an administrator user to supply… CWE-79
Cross-site Scripting 		CVE-2020-35589 2024-11-21 14:27 2020-12-21 Show GitHub Exploit DB Packet Storm
200578 7.5 HIGH
Network 		subconverter_project subconverter tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the … NVD-CWE-Other
CVE-2020-35579 2024-11-21 14:27 2020-12-20 Show GitHub Exploit DB Packet Storm
200579 7.5 HIGH
Network 		postsrsd_project
debian 		postsrsd
debian_linux 		srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address. CWE-834
 Excessive Iteration 		CVE-2020-35573 2024-11-21 14:27 2020-12-20 Show GitHub Exploit DB Packet Storm
200580 7.8 HIGH
Local 		google android An issue was discovered on LG mobile devices with Android OS 10 software. When a dual-screen configuration is supported, the device does not lock upon disconnection of a call with the cover closed. T… NVD-CWE-noinfo
CVE-2020-35555 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm