Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229471	7.5	危険	tlm cms	-	TLM CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4808	2012-12-20 18:33	2007-09-11	Show	GitHub Exploit DB Packet Storm

229472	5	警告	ソフォス	-	Sophos Anti-Virus のウィルス検出エンジンにおけるマルウェアの検出を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2007-4787	2012-12-20 18:33	2007-09-10	Show	GitHub Exploit DB Packet Storm

229473	7.5	危険	tim jackson	-	PHPOF の dbmodules/DB_adodb.class.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4763	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

229474	7.5	危険	phpmytourney	-	phpMytourney の menu.php における PHP リモートファイルインクルージョンの脆弱性	CWE-20 不適切な入力確認	CVE-2007-4757	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

229475	5	警告	Thomson	-	Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-4753	2012-12-20 18:33	2007-09-7	Show	GitHub Exploit DB Packet Storm

229476	6.8	警告	ppstream	-	PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4748	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229477	9.3	危険	telecom italy	-	Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4740	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229478	7.5	危険	speedtech	-	SpeedTech PHP Library における PHP リモートファイルインクルージョンの脆弱性	CWE-20 CWE-94	CVE-2007-4738	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229479	7.5	危険	speedtech	-	STPHPLibrary における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4737	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229480	10	危険	トレンドマイクロ	-	Trend Micro ServerProtect の TMReg.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4731	2012-12-20 18:33	2007-09-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209751	7.5	HIGH Network	solarwinds	serv-u	SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response.	NVD-CWE-noinfo	CVE-2020-15576	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209752	6.1	MEDIUM Network	solarwinds	serv-u	SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194.	CWE-79 Cross-site Scripting	CVE-2020-15575	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209753	7.5	HIGH Network	solarwinds	serv-u	SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893.	NVD-CWE-noinfo	CVE-2020-15574	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209754	6.1	MEDIUM Network	solarwinds	serv-u	SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421.	CWE-79 Cross-site Scripting	CVE-2020-15573	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209755	5.3	MEDIUM Network	gitlab	gitlab	GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of the Maven package upload endpoint.	NVD-CWE-noinfo	CVE-2020-15525	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209756	5.4	MEDIUM Network	faceted_search_project	faceted_search	The ke_search (aka Faceted Search) extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-15517	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209757	5.4	MEDIUM Network	mm_forum_project	mm_forum	The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF.	CWE-352 CWE-79 Origin Validation Error Cross-site Scripting	CVE-2020-15516	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209758	5.4	MEDIUM Network	jh_captcha_project	jh_captcha	The jh_captcha extension through 2.1.3, and 3.x through 3.0.2, for TYPO3 allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-15514	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209759	5.3	MEDIUM Network	mittwald	typo3_forum	The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access Control.	CWE-863 Incorrect Authorization	CVE-2020-15513	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm

209760	6.5	MEDIUM Adjacent	nordicsemi	dfu_library android_ble_library	Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android (as used by nRF Connect and other applications) can engage in unencrypted communication while showing…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-15509	2024-11-21 14:05	2020-07-7	Show	GitHub Exploit DB Packet Storm