Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230071	5	警告	stphp	-	STphp EasyNews におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2007-3331	2012-12-20 18:19	2007-06-21	Show	GitHub Exploit DB Packet Storm

230072	4.3	警告	stphp	-	STphp EasyNews におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3330	2012-12-20 18:19	2007-06-21	Show	GitHub Exploit DB Packet Storm

230073	6.8	警告	xvid	-	Xvid の src/bitstream/mbcoding.c における任意のコードを実行される脆弱性	CWE-DesignError	CVE-2007-3329	2012-12-20 18:19	2007-04-28	Show	GitHub Exploit DB Packet Storm

230074	9.3	危険	VideoLAN	-	VideoLAN VLC Media Player のプラグインにおけるフォーマットストリングの脆弱性	-	CVE-2007-3316	2012-12-20 18:19	2007-06-12	Show	GitHub Exploit DB Packet Storm

230075	6.8	警告	yourfreescreamer	-	YourFreeScreamer における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3315	2012-12-20 18:19	2007-06-21	Show	GitHub Exploit DB Packet Storm

230076	7.5	危険	XOOPS	-	Xoops 用の Articles モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-3311	2012-12-20 18:19	2007-06-21	Show	GitHub Exploit DB Packet Storm

230077	4.3	警告	tdizin	-	TDizin の arama.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3310	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

230078	7.5	危険	Simple Machines	-	SMF におけるメッセージの作成時に任意の PHP コードを実行され脆弱性	-	CVE-2007-3309	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

230079	7.5	危険	Simple Machines	-	SMF における CAPTCHA テストを通過される脆弱性	-	CVE-2007-3308	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

230080	7.5	危険	solar empire	-	Solar Empire の game_listing.php における SQL インジェクションの脆弱性	-	CVE-2007-3307	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197101	9.8	CRITICAL Network	eyesofnetwork	eyesofnetwork	An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via th…	CWE-89 SQL Injection	CVE-2020-8656	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197102	8.8	HIGH Network	eyesofnetwork	eyesofnetwork	An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index…	CWE-78 OS Command	CVE-2020-8654	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197103	9.8	CRITICAL Network	simplejobscript	simplejobscript	An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function i…	CWE-89 SQL Injection	CVE-2020-8645	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197104	9.8	CRITICAL Network	revmakx	infinitewp_client	The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in.	CWE-862 Missing Authorization	CVE-2020-8772	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197105	9.8	CRITICAL Network	wptimecapsule	wp_time_capsule	The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of adminis…	CWE-287 Improper Authentication	CVE-2020-8771	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197106	9.8	CRITICAL Network	opservices	opmon	An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution .	CWE-306 Missing Authentication for Critical Function	CVE-2020-8636	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197107	5.6	MEDIUM Network	libslirp_project debian opensuse	libslirp debian_linux leap	In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.	CWE-120 Classic Buffer Overflow	CVE-2020-8608	2024-11-21 14:39	2020-02-7	Show	GitHub Exploit DB Packet Storm

197108	8.8	HIGH Network	bestwebsoft	htaccess	The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the p…	CWE-352 Origin Validation Error	CVE-2020-8658	2024-11-21 14:39	2020-02-6	Show	GitHub Exploit DB Packet Storm

197109	5.9	MEDIUM Physics	linux opensuse debian	linux_kernel leap debian_linux	There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.	CWE-416 Use After Free	CVE-2020-8649	2024-11-21 14:39	2020-02-6	Show	GitHub Exploit DB Packet Storm

197110	7.1	HIGH Local	linux debian opensuse netapp broadcom canonical	linux_kernel debian_linux leap cloud_backup active_iq_unified_manager solidfire_baseboard_management_controller brocade_fabric_operating_system_firmware hci_baseboard_management_…	There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.	CWE-416 Use After Free	CVE-2020-8648	2024-11-21 14:39	2020-02-6	Show	GitHub Exploit DB Packet Storm