Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229971	7.5	危険	Vastal I-Tech & Co.	-	phpVID の categories_type.php における SQL インジェクションの脆弱性	-	CVE-2007-3610	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

229972	5	警告	SAP	-	EnjoySAP SAP GUI の ActiveX コントロールにおける特定のファイルを作成される脆弱性	-	CVE-2007-3608	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

229973	5	警告	SAP	-	EnjoySAP SAP GUI の ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3607	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

229974	7.6	危険	SAP	-	EnjoySAP SAP GUI の rfcguisink.rfcguisink.1 ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-3606	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

229975	7.6	危険	SAP	-	EnjoySAP SAP GUI の FrontEnd\SapGui\kwedit.dll におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3605	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

229976	4	警告	Vtiger	-	vtiger CRM におけるデータ制限を回避される脆弱性	-	CVE-2007-3604	2012-12-20 18:33	2007-03-7	Show	GitHub Exploit DB Packet Storm

229977	6.5	警告	Vtiger	-	vtiger CRM の dashboard における SQL インジェクションの脆弱性	-	CVE-2007-3603	2012-12-20 18:33	2007-03-7	Show	GitHub Exploit DB Packet Storm

229978	5.5	警告	Vtiger	-	vtiger CRM の SOAP Web サービスにおけるデータをアクセスされる脆弱性	-	CVE-2007-3602	2012-12-20 18:33	2007-02-26	Show	GitHub Exploit DB Packet Storm

229979	2.1	注意	Vtiger	-	vtiger CRM における特定ユーザのカレンダー項目を読まれる脆弱性	-	CVE-2007-3601	2012-12-20 18:33	2007-05-31	Show	GitHub Exploit DB Packet Storm

229980	4	警告	Vtiger	-	vtiger CRM の wordintegration コンポーネントにおけるフィールドレベルのセキュリティパーミッションを回避される脆弱性	-	CVE-2007-3600	2012-12-20 18:33	2007-05-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210021	5.4	MEDIUM Network	prestashop	prestashop	In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS paylo…	-	CVE-2020-15162	2024-11-21 14:04	2020-09-25	Show	GitHub Exploit DB Packet Storm

210022	9.8	CRITICAL Network	prestashop	prestashop	PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8	CWE-89 SQL Injection	CVE-2020-15160	2024-11-21 14:04	2020-09-25	Show	GitHub Exploit DB Packet Storm

210023	6.1	MEDIUM Network	prestashop	prestashop	In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8	-	CVE-2020-15161	2024-11-21 14:04	2020-09-25	Show	GitHub Exploit DB Packet Storm

210024	10.0	CRITICAL Network	yiiframework	yii	Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaro…	-	CVE-2020-15148	2024-11-21 14:04	2020-09-16	Show	GitHub Exploit DB Packet Storm

210025	6.6	MEDIUM Network	xwiki	xwiki	In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instant…	CWE-74 Injection	CVE-2020-15171	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm

210026	5.5	MEDIUM Local	avast	antivirus	An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a log…	CWE-212 CWE-459 Improper Removal of Sensitive Information Before Storage or Transfer Incomplete Cleanup	CVE-2020-15024	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm

210027	6.1	MEDIUM Network	action_view_project debian fedoraproject	action_view debian_linux fedora	In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default…	-	CVE-2020-15169	2024-11-21 14:04	2020-09-12	Show	GitHub Exploit DB Packet Storm

210028	7.5	HIGH Network	zeromq fedoraproject debian	libzmq fedora debian_linux	In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and con…	-	CVE-2020-15166	2024-11-21 14:04	2020-09-12	Show	GitHub Exploit DB Packet Storm

210029	7.0	HIGH Network	ctrip	apollo	apollo-adminservice before version 1.7.1 does not implement access controls. If users expose apollo-adminservice to internet(which is not recommended), there are potential security issues since apoll…	NVD-CWE-Other	CVE-2020-15170	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm

210030	5.3	MEDIUM Network	node-fetch_project	node-fetch	node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get throw…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2020-15168	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm