Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229771 7.5 危険 phpcredo - PHCDownload の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6670 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
229772 4.3 警告 phpcredo - PHCDownload の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6669 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
229773 7.5 危険 Zenphoto - Zenphoto の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6666 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229774 7.5 危険 webportal - WebPortal CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6664 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229775 7.5 危険 pragmaticutopia - Joomla! 用の Pragmatic Utopia PU Arcade コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6663 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229776 7.5 危険 xcms - XCMS の cpie.php における静的コードを直接挿入する攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6652 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229777 5 警告 sanybee gallery - SanyBee Gallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6648 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229778 7.5 危険 W-Agora - w-Agora の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6647 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229779 6.8 警告 xml2owl - xml2owl の showCode.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6632 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
229780 6.8 警告 pnphpbb - PNphpBB2 の printview.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6624 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196481 7.1 HIGH
Local 		apple mac_os_x An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A local user … CWE-125
Out-of-bounds Read 		CVE-2020-9930 2024-11-21 14:41 2021-04-3 Show GitHub Exploit DB Packet Storm
196482 7.8 HIGH
Local 		apple mac_os_x
tvos
iphone_os
icloud
watchos
ipados 		A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Sec… CWE-416
 Use After Free 		CVE-2020-9926 2024-11-21 14:41 2021-04-3 Show GitHub Exploit DB Packet Storm
196483 7.8 HIGH
Local 		intel compute_stick_stk1a32sc_firmware Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2021-0109 2024-11-21 14:41 2021-02-17 Show GitHub Exploit DB Packet Storm
196484 7.5 HIGH
Network 		apple iphone_os
watchos
icloud
tvos
ipados
mac_os_x 		This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to… NVD-CWE-noinfo
CVE-2020-9991 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm
196485 7.8 HIGH
Local 		apple iphone_os
watchos
tvos
ipados
mac_os_x
itunes
icloud 		A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to… CWE-787
 Out-of-bounds Write 		CVE-2020-9999 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm
196486 7.8 HIGH
Local 		apple iphone_os
ipados
mac_os_x 		A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to elevate privileges. CWE-416
 Use After Free 		CVE-2020-9996 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm
196487 4.3 MEDIUM
Network 		apple iphone_os
watchos
ipados
safari 		The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing. CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2020-9993 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm
196488 5.5 MEDIUM
Local 		apple iphone_os
watchos
ipados
mac_os_x 		The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages. NVD-CWE-noinfo
CVE-2020-9989 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm
196489 5.5 MEDIUM
Local 		apple iphone_os
ipados
mac_os_x 		The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages. NVD-CWE-noinfo
CVE-2020-9988 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm
196490 4.3 MEDIUM
Network 		apple safari An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing. CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2020-9987 2024-11-21 14:41 2020-12-9 Show GitHub Exploit DB Packet Storm