Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229931 5 警告 zomplog - Zomplog の themes/default/ におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1524 2012-12-20 18:19 2007-03-20 Show GitHub Exploit DB Packet Storm
229932 6.8 警告 PHPNUKE - PHP-Nuke における CSRF 攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-1520 2012-12-20 18:19 2007-03-20 Show GitHub Exploit DB Packet Storm
229933 4.3 警告 PHPNUKE - PHP-Nuke の modules.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1519 2012-12-20 18:19 2007-03-20 Show GitHub Exploit DB Packet Storm
229934 7.5 危険 woltlab - wBB の usergroups.php における SQL インジェクションの脆弱性 - CVE-2007-1518 2012-12-20 18:19 2007-03-20 Show GitHub Exploit DB Packet Storm
229935 6.8 警告 viperweb - ViperWeb Portal の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1514 2012-12-20 18:19 2007-03-20 Show GitHub Exploit DB Packet Storm
229936 7.5 危険 rhapsody irc - Rhapsody IRC の comm.c におけるフォーマットストリングの脆弱性 - CVE-2007-1503 2012-12-20 18:19 2007-03-19 Show GitHub Exploit DB Packet Storm
229937 6.8 警告 rhapsody irc - Rhapsody IRC におけるバッファオーバーフローの脆弱性 - CVE-2007-1502 2012-12-20 18:19 2007-03-19 Show GitHub Exploit DB Packet Storm
229938 4.9 警告 シマンテック - Symantec Norton Personal Firewall などの \Device\SymEvent ドライバにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1495 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229939 6.8 警告 web-app.org - web-app.org WebAPP における管理アクセス権限を取得される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-1489 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229940 7.5 危険 wbblog - WBBlog の index.php における SQL インジェクションの脆弱性 - CVE-2007-1481 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197191 9.8 CRITICAL
Network 		mock2easy_project mock2easy This affects all versions of package mock2easy. a malicious user could inject commands through the _data variable: Affected Area require('../server/getJsonByCurl')(mock2easy, function (error, stdout)… CWE-77
Command Injection 		CVE-2020-7697 2024-11-21 14:37 2020-07-29 Show GitHub Exploit DB Packet Storm
197192 7.5 HIGH
Network 		umbraco umbraco_forms This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2020-7685 2024-11-21 14:37 2020-07-29 Show GitHub Exploit DB Packet Storm
197193 5.3 MEDIUM
Network 		encode uvicorn Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. Attackers can exploit this to add arbitrary headers to HTTP responses, or … CWE-74
Injection 		CVE-2020-7695 2024-11-21 14:37 2020-07-27 Show GitHub Exploit DB Packet Storm
197194 7.5 HIGH
Network 		encode uvicorn This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour … CWE-94
CWE-116
Code Injection
 Improper Encoding or Escaping of Output 		CVE-2020-7694 2024-11-21 14:37 2020-07-27 Show GitHub Exploit DB Packet Storm
197195 7.5 HIGH
Network 		fast-http_project fast-http This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js. CWE-22
Path Traversal 		CVE-2020-7687 2024-11-21 14:37 2020-07-25 Show GitHub Exploit DB Packet Storm
197196 7.5 HIGH
Network 		rollup-plugin-dev-server_project rollup-plugin-dev-server This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function. CWE-22
Path Traversal 		CVE-2020-7686 2024-11-21 14:37 2020-07-25 Show GitHub Exploit DB Packet Storm
197197 7.5 HIGH
Network 		rollup-plugin-server_project rollup-plugin-server This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function. CWE-22
Path Traversal 		CVE-2020-7683 2024-11-21 14:37 2020-07-25 Show GitHub Exploit DB Packet Storm
197198 7.5 HIGH
Network 		marked-tree_project marked-tree This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js. CWE-22
Path Traversal 		CVE-2020-7682 2024-11-21 14:37 2020-07-25 Show GitHub Exploit DB Packet Storm
197199 7.5 HIGH
Network 		indo-mars marscode This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js. CWE-22
Path Traversal 		CVE-2020-7681 2024-11-21 14:37 2020-07-25 Show GitHub Exploit DB Packet Storm
197200 4.7 MEDIUM
Network 		schneider-electric software_update_utility A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on th… CWE-601
Open Redirect 		CVE-2020-7520 2024-11-21 14:37 2020-07-24 Show GitHub Exploit DB Packet Storm