Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229981	8.5	危険	Vtiger	-	vtiger CRM における連絡先情報をインポートされるなどの脆弱性	-	CVE-2007-3599	2012-12-20 18:33	2007-02-9	Show	GitHub Exploit DB Packet Storm

229982	5.5	警告	Vtiger	-	index.php の vtiger CRM における全ユーザ名などを取得される脆弱性	-	CVE-2007-3598	2012-12-20 18:33	2007-02-5	Show	GitHub Exploit DB Packet Storm

229983	6.5	警告	Vtiger	-	vtiger CRM の index.php における管理の変更を実行される脆弱性	-	CVE-2007-3616	2012-12-20 18:33	2006-10-24	Show	GitHub Exploit DB Packet Storm

229984	8.5	危険	Zen Cart	-	Zen Cart におけるセッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2007-3597	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

229985	7.5	危険	vbzoom	-	VBZooM の reply.php における SQL インジェクションの脆弱性	-	CVE-2007-3588	2012-12-20 18:33	2007-07-5	Show	GitHub Exploit DB Packet Storm

229986	7.5	危険	postnuke software foundation	-	PNphpBB2 の viewforum.php における SQL インジェクションの脆弱性	-	CVE-2007-3584	2012-12-20 18:33	2007-07-5	Show	GitHub Exploit DB Packet Storm

229987	4.3	警告	PHPIDS	-	PHPIDS における任意の Web スクリプトを挿入される脆弱性	-	CVE-2007-3580	2012-12-20 18:33	2007-07-2	Show	GitHub Exploit DB Packet Storm

229988	4.3	警告	PHPIDS	-	PHPIDS における任意の Web スクリプトを挿入される脆弱性	-	CVE-2007-3579	2012-12-20 18:33	2007-07-2	Show	GitHub Exploit DB Packet Storm

229989	4.3	警告	PHPIDS	-	PHPIDS における任意の Web スクリプトを挿入される脆弱性	-	CVE-2007-3578	2012-12-20 18:33	2007-07-2	Show	GitHub Exploit DB Packet Storm

229990	4.3	警告	PHPIDS	-	PHP iCalendar の print.php における任意の Web スクリプトを挿入される脆弱性	-	CVE-2007-3577	2012-12-20 18:19	2007-07-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209971	7.5	HIGH Network	google	tensorflow	In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tens…	-	CVE-2020-15265	2024-11-21 14:05	2020-10-22	Show	GitHub Exploit DB Packet Storm

209972	7.2	HIGH Network	openmage	magento	In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through prod…	CWE-502 Deserialization of Untrusted Data	CVE-2020-15244	2024-11-21 14:05	2020-10-22	Show	GitHub Exploit DB Packet Storm

209973	9.1	CRITICAL Network	sparksolutions	spree	In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround wit…	CWE-613 Insufficient Session Expiration	CVE-2020-15269	2024-11-21 14:05	2020-10-21	Show	GitHub Exploit DB Packet Storm

209974	9.1	CRITICAL Network	auth0	omniauth-auth0	omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method. Improper validation of the JWT token signature can al…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2020-15240	2024-11-21 14:05	2020-10-22	Show	GitHub Exploit DB Packet Storm

209975	6.1	MEDIUM Network	orchid	platform	In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.…	-	CVE-2020-15263	2024-11-21 14:05	2020-10-20	Show	GitHub Exploit DB Packet Storm

209976	3.7	LOW Network	webpack-subresource-integrity_project	webpack-subresource-integrity	In webpack-subresource-integrity before version 1.5.1, all dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their …	CWE-345 Insufficient Verification of Data Authenticity	CVE-2020-15262	2024-11-21 14:05	2020-10-20	Show	GitHub Exploit DB Packet Storm

209977	7.8	HIGH Local	chocolatey	boxstarter	The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged use…	-	CVE-2020-15264	2024-11-21 14:05	2020-10-21	Show	GitHub Exploit DB Packet Storm

209978	6.7	MEDIUM Local	veyon	veyon	On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables wit…	-	CVE-2020-15261	2024-11-21 14:05	2020-10-20	Show	GitHub Exploit DB Packet Storm

209979	9.8	CRITICAL Network	object-path_project	object-path	A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is u…	NVD-CWE-Other	CVE-2020-15256	2024-11-21 14:05	2020-10-20	Show	GitHub Exploit DB Packet Storm

209980	4.3	MEDIUM Network	sylius	sylius	In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This ma…	CWE-862 Missing Authorization	CVE-2020-15245	2024-11-21 14:05	2020-10-20	Show	GitHub Exploit DB Packet Storm