Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230071 5 警告 stphp - STphp EasyNews におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-3331 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
230072 4.3 警告 stphp - STphp EasyNews におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3330 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
230073 6.8 警告 xvid - Xvid の src/bitstream/mbcoding.c における任意のコードを実行される脆弱性 CWE-DesignError
CVE-2007-3329 2012-12-20 18:19 2007-04-28 Show GitHub Exploit DB Packet Storm
230074 9.3 危険 VideoLAN - VideoLAN VLC Media Player のプラグインにおけるフォーマットストリングの脆弱性 - CVE-2007-3316 2012-12-20 18:19 2007-06-12 Show GitHub Exploit DB Packet Storm
230075 6.8 警告 yourfreescreamer - YourFreeScreamer における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3315 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
230076 7.5 危険 XOOPS - Xoops 用の Articles モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-3311 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
230077 4.3 警告 tdizin - TDizin の arama.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3310 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
230078 7.5 危険 Simple Machines - SMF におけるメッセージの作成時に任意の PHP コードを実行され脆弱性 - CVE-2007-3309 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
230079 7.5 危険 Simple Machines - SMF における CAPTCHA テストを通過される脆弱性 - CVE-2007-3308 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
230080 7.5 危険 solar empire - Solar Empire の game_listing.php における SQL インジェクションの脆弱性 - CVE-2007-3307 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210181 6.1 MEDIUM
Network 		online_hotel_booking_system_project online_hotel_booking_system An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields. CWE-79
Cross-site Scripting 		CVE-2020-15536 2024-11-21 14:05 2020-07-6 Show GitHub Exploit DB Packet Storm
210182 6.1 MEDIUM
Network 		bestsoftinc car_rental_system An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields. CWE-79
Cross-site Scripting 		CVE-2020-15535 2024-11-21 14:05 2020-07-6 Show GitHub Exploit DB Packet Storm
210183 7.5 HIGH
Network 		wireshark
opensuse
debian 		wireshark
leap
debian_linux 		In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-15466 2024-11-21 14:05 2020-07-5 Show GitHub Exploit DB Packet Storm
210184 7.8 HIGH
Local 		valvesoftware steam_client An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAM… CWE-362
Race Condition 		CVE-2020-15530 2024-11-21 14:05 2020-07-5 Show GitHub Exploit DB Packet Storm
210185 7.8 HIGH
Local 		gog galaxy An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak fil… CWE-667
CWE-732
 Improper Locking
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15529 2024-11-21 14:05 2020-07-5 Show GitHub Exploit DB Packet Storm
210186 7.8 HIGH
Local 		gog galaxy An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity che… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15528 2024-11-21 14:05 2020-07-5 Show GitHub Exploit DB Packet Storm
210187 7.8 HIGH
Local 		python
netapp 		python
snapcenter 		In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native appl… CWE-427
CWE-908
 Uncontrolled Search Path Element
 Use of Uninitialized Resource 		CVE-2020-15523 2024-11-21 14:05 2020-07-5 Show GitHub Exploit DB Packet Storm
210188 8.8 HIGH
Network 		veeam veeam_availability_suite
veeam_backup_\&_replication 		VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O req… CWE-862
 Missing Authorization 		CVE-2020-15518 2024-11-21 14:05 2020-07-3 Show GitHub Exploit DB Packet Storm
210189 2.3 LOW
Local 		qemu
debian 		qemu
debian_linux 		In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. CWE-476
 NULL Pointer Dereference 		CVE-2020-15469 2024-11-21 14:05 2020-07-3 Show GitHub Exploit DB Packet Storm
210190 7.5 HIGH
Network 		libraw
fedoraproject
debian 		libraw
fedora
debian_linux 		LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed… CWE-20
 Improper Input Validation  		CVE-2020-15503 2024-11-21 14:05 2020-07-2 Show GitHub Exploit DB Packet Storm