Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229881	6.8	警告	PHPNUKE	-	PHP-Nuke における CSRF 攻撃を実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-1520	2012-12-20 18:19	2007-03-20	Show	GitHub Exploit DB Packet Storm

229882	4.3	警告	PHPNUKE	-	PHP-Nuke の modules.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1519	2012-12-20 18:19	2007-03-20	Show	GitHub Exploit DB Packet Storm

229883	7.5	危険	woltlab	-	wBB の usergroups.php における SQL インジェクションの脆弱性	-	CVE-2007-1518	2012-12-20 18:19	2007-03-20	Show	GitHub Exploit DB Packet Storm

229884	6.8	警告	viperweb	-	ViperWeb Portal の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1514	2012-12-20 18:19	2007-03-20	Show	GitHub Exploit DB Packet Storm

229885	7.5	危険	rhapsody irc	-	Rhapsody IRC の comm.c におけるフォーマットストリングの脆弱性	-	CVE-2007-1503	2012-12-20 18:19	2007-03-19	Show	GitHub Exploit DB Packet Storm

229886	6.8	警告	rhapsody irc	-	Rhapsody IRC におけるバッファオーバーフローの脆弱性	-	CVE-2007-1502	2012-12-20 18:19	2007-03-19	Show	GitHub Exploit DB Packet Storm

229887	4.9	警告	シマンテック	-	Symantec Norton Personal Firewall などの \Device\SymEvent ドライバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1495	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229888	6.8	警告	web-app.org	-	web-app.org WebAPP における管理アクセス権限を取得される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-1489	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229889	7.5	危険	wbblog	-	WBBlog の index.php における SQL インジェクションの脆弱性	-	CVE-2007-1481	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229890	1.9	注意	シマンテック	-	Symantec Norton Personal Firewall などの SYMTDI.SYS におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-1476	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210451	7.8	HIGH Local	json-c fedoraproject debian canonical siemens	json-c fedora debian_linux ubuntu_linux sinec_ins	json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.	CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound	CVE-2020-12762	2024-11-21 14:00	2020-05-10	Show	GitHub Exploit DB Packet Storm

210452	9.1	CRITICAL Network	enlightenment	imlib2	modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.	CWE-125 CWE-190 Out-of-bounds Read Integer Overflow or Wraparound	CVE-2020-12761	2024-11-21 14:00	2020-05-10	Show	GitHub Exploit DB Packet Storm

210453	3.3	LOW Local	kde	kio-extras	fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended…	NVD-CWE-noinfo	CVE-2020-12755	2024-11-21 14:00	2020-05-10	Show	GitHub Exploit DB Packet Storm

210454	9.1	CRITICAL Network	broadcom fedoraproject	tcpreplay fedora	tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.	CWE-125 Out-of-bounds Read	CVE-2020-12740	2024-11-21 14:00	2020-05-9	Show	GitHub Exploit DB Packet Storm

210455	6.5	MEDIUM Network	maxum	rumpus	An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.	CWE-22 Path Traversal	CVE-2020-12737	2024-11-21 14:00	2020-05-9	Show	GitHub Exploit DB Packet Storm

210456	5.5	MEDIUM Local	avira	free_antivirus	Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials sto…	NVD-CWE-noinfo	CVE-2020-12680	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210457	9.8	CRITICAL Network	domainmod	domainmod	reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.	CWE-331 Insufficient Entropy	CVE-2020-12735	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210458	9.8	CRITICAL Network	vbulletin	vbulletin	vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.	CWE-89 CWE-306 SQL Injection Missing Authentication for Critical Function	CVE-2020-12720	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210459	7.2	HIGH Network	wso2	identity_server_analytics identity_server identity_server_as_key_manager enterprise_integrator api_microgateway api_manager_analytics api_manager	XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0…	CWE-611 XXE	CVE-2020-12719	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

210460	5.4	MEDIUM Network	php-fusion	php-fusion	In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypass…	CWE-79 Cross-site Scripting	CVE-2020-12718	2024-11-21 14:00	2020-05-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed