Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229591 2.6 注意 サン・マイクロシステムズ - Sun JVM におけるマルチピン DNS リバインド攻撃を実行される脆弱性 CWE-16
CWE-20
CVE-2007-5375 2012-12-20 18:33 2007-10-11 Show GitHub Exploit DB Packet Storm
229592 6.8 警告 verlihub-project - VHCP の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
CWE-94
CVE-2007-5321 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229593 5 警告 typolight - TYPOlight webCMS の preview.php における任意のファイルをダウンロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5318 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229594 5 警告 SoftbizScripts - Softbiz Jobs and Recruitment Script の browsecats.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5316 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229595 6.8 警告 softpedia - Softonic International SciTE における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5315 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229596 6.8 警告 xkiosk - xKiosk WEB の system/funcs/xkurl.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5314 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229597 7.5 危険 script-solution.de - Picturesolution の install/config.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5313 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229598 4.3 警告 torrenttrader - TorrentTrader Classic におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5312 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229599 7.5 危険 torrenttrader - TorrentTrader Classic Edition の backend/admin-functions.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5311 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
229600 7.5 危険 yannick tanguy - ELSEIF CMS における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5307 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196581 6.1 MEDIUM
Network 		ckeditor
fedoraproject
drupal
oracle 		ckeditor
fedora
drupal
peoplesoft_enterprise_peopletools
webcenter_portal
agile_plm
application_express
jd_edwards_enterpriseone_tools
siebel_apps_-_customer_order_management<… 		A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with t… CWE-79
Cross-site Scripting 		CVE-2020-9281 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196582 8.8 HIGH
Network 		metagauss registrationmagic In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users (with minimal privileges) to export submitted form data and settings via class_rm_… CWE-862
 Missing Authorization 		CVE-2020-9458 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196583 8.8 HIGH
Network 		metagauss registrationmagic The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to import custom vulnerable forms and change form settings via class_rm_form_set… CWE-862
 Missing Authorization 		CVE-2020-9457 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196584 8.8 HIGH
Network 		metagauss registrationmagic In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote authenticated users (with minimal privileges) to elevate their privileges to administrator via class_r… CWE-862
 Missing Authorization 		CVE-2020-9456 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196585 4.3 MEDIUM
Network 		metagauss registrationmagic The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php se… CWE-862
 Missing Authorization 		CVE-2020-9455 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196586 8.8 HIGH
Network 		metagauss registrationmagic A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, i… CWE-352
 Origin Validation Error 		CVE-2020-9454 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196587 6.5 MEDIUM
Network 		mi miui_firmware An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetApps(com.xiaomi.mipicks) mishandles the functionality of opening other components. Attackers need to induc… CWE-94
Code Injection 		CVE-2020-9530 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196588 7.3 HIGH
Adjacent 		mi miui_firmware An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files… NVD-CWE-noinfo
CVE-2020-9531 2024-11-21 14:40 2020-03-7 Show GitHub Exploit DB Packet Storm
196589 7.8 HIGH
Local 		redsoftware pdfescape An untrusted search path vulnerability in the installer of PDFescape Desktop version 4.0.22 and earlier allows an attacker to gain privileges and execute code via DLL hijacking. CWE-426
 Untrusted Search Path 		CVE-2020-9418 2024-11-21 14:40 2020-03-6 Show GitHub Exploit DB Packet Storm
196590 7.5 HIGH
Network 		d-link dsl-2640b_firmware An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the… CWE-306
Missing Authentication for Critical Function 		CVE-2020-9544 2024-11-21 14:40 2020-03-6 Show GitHub Exploit DB Packet Storm