Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229131 4.3 警告 xigla - Absolute Poll Manager XE の xlaapmview.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4630 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229132 7.5 危険 university of minnesota - MapServer の maptemplate.c におけるバッファオーバーフローの脆弱性 - CVE-2007-4629 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229133 7.5 危険 phpns - phpns の shownews.php における SQL インジェクションの脆弱性 - CVE-2007-4628 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229134 5 警告 polipo - Polipo におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4626 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229135 4.3 警告 polipo - Polipo におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4625 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229136 7.5 危険 winterburns.co.uk - ePersonnel の protection.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4608 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229137 7.5 危険 phpnuke-clan - PHP-Nuke 用の VWar モジュールにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4606 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229138 7.5 危険 VWar - VWar の convert/mvcw.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4605 2012-12-20 18:33 2007-08-30 Show GitHub Exploit DB Packet Storm
229139 5 警告 Canonical - tcp-wrappers のリグレッションエラーにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4601 2012-12-20 18:33 2007-08-29 Show GitHub Exploit DB Packet Storm
229140 4.6 警告 PTC Inc. - Mathsoft Mathcad および PTC Mathcad の "ワークシート保護" 機能における制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4600 2012-12-20 18:33 2007-10-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209651 9.8 CRITICAL
Network 		trendnet tew-827dru_firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to apply_sec.cgi … CWE-787
 Out-of-bounds Write 		CVE-2020-14080 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209652 8.8 HIGH
Network 		trendnet tew-827dru_firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via th… CWE-787
 Out-of-bounds Write 		CVE-2020-14079 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209653 8.8 HIGH
Network 		trendnet tew-827dru_firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via th… CWE-787
 Out-of-bounds Write 		CVE-2020-14078 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209654 8.8 HIGH
Network 		trendnet tew-827dru_firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via th… CWE-787
 Out-of-bounds Write 		CVE-2020-14077 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209655 8.8 HIGH
Network 		trendnet tew-827dru_firmware TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), all… CWE-78
OS Command  		CVE-2020-14075 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209656 8.8 HIGH
Network 		trendnet tew-827dru_firmware TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via th… CWE-787
 Out-of-bounds Write 		CVE-2020-14074 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209657 9.8 CRITICAL
Network 		naviwebs navigatecms The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/ext… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-14067 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209658 8.1 HIGH
Network 		fasterxml
netapp
oracle 		jackson-databind
steelstore_cloud_integrated_storage
active_iq_unified_manager
agile_plm
banking_digital_experience
communications_diameter_signaling_router
communications_evolved_c… 		FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). CWE-502
 Deserialization of Untrusted Data 		CVE-2020-14060 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209659 8.1 HIGH
Network 		fasterxml
netapp
debian
oracle 		jackson-databind
steelstore_cloud_integrated_storage
active_iq_unified_manager
debian_linux
agile_plm
banking_digital_experience
communications_diameter_signaling_router
communic… 		FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2… CWE-502
 Deserialization of Untrusted Data 		CVE-2020-14062 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm
209660 8.1 HIGH
Network 		fasterxml
netapp
debian
oracle 		jackson-databind
steelstore_cloud_integrated_storage
active_iq_unified_manager
debian_linux
agile_plm
banking_digital_experience
communications_instant_messaging_server
communica… 		FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectio… CWE-502
 Deserialization of Untrusted Data 		CVE-2020-14061 2024-11-21 14:02 2020-06-15 Show GitHub Exploit DB Packet Storm