Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230211 6.8 警告 spoonlabs - SpoonLabs Vivvo Article Management CMS の include/db_conn.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1031 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230212 7.6 危険 quicksoft - Quiksoft EasyMail Objects の IMAP4 コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1029 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230213 7.5 危険 scriptdungeon - XLAtunes の view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1026 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230214 7.5 危険 virtualsystem - VS-Link-Partner の inc/functions_inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1025 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230215 7.5 危険 Snitz - Snitz Forums 2000 の pop_profile.asp における SQL インジェクションの脆弱性 - CVE-2007-1023 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230216 7.5 危険 turuncu portal - Turuncu Portal の h_goster.asp における SQL インジェクションの脆弱性 - CVE-2007-1022 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230217 10 危険 xfairguy - CodeAvalanche News の inc_listnews.asp における SQL インジェクションの脆弱性 - CVE-2007-1021 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230218 6.8 警告 webSPELL - webSPELL の news.php における SQL インジェクションの脆弱性 - CVE-2007-1019 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230219 9.3 危険 virtualsystem - VirtualSystem VS-News-System の tpl/header.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1018 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
230220 9.3 危険 virtualsystem - VirtualSystem VS-News-System の show_news_inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1017 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210651 7.4 HIGH
Network 		em-http-request_project
fedoraproject 		em-http-request
fedora 		EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certifi… CWE-295
Improper Certificate Validation  		CVE-2020-13482 2024-11-21 14:01 2020-05-26 Show GitHub Exploit DB Packet Storm
210652 5.4 MEDIUM
Network 		verbb image_resizer An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action. CWE-79
Cross-site Scripting 		CVE-2020-13459 2024-11-21 14:01 2020-05-26 Show GitHub Exploit DB Packet Storm
210653 8.8 HIGH
Network 		verbb image_resizer An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action. CWE-352
 Origin Validation Error 		CVE-2020-13458 2024-11-21 14:01 2020-05-26 Show GitHub Exploit DB Packet Storm
210654 9.8 CRITICAL
Network 		dext5 dext5 A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-13442 2024-11-21 14:01 2020-05-26 Show GitHub Exploit DB Packet Storm
210655 6.5 MEDIUM
Network 		rockcarry ffjpeg ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. CWE-787
 Out-of-bounds Write 		CVE-2020-13440 2024-11-21 14:01 2020-05-25 Show GitHub Exploit DB Packet Storm
210656 6.5 MEDIUM
Network 		rockcarry ffjpeg ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. CWE-125
Out-of-bounds Read 		CVE-2020-13439 2024-11-21 14:01 2020-05-25 Show GitHub Exploit DB Packet Storm
210657 6.5 MEDIUM
Network 		rockcarry ffjpeg ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. CWE-125
Out-of-bounds Read 		CVE-2020-13438 2024-11-21 14:01 2020-05-25 Show GitHub Exploit DB Packet Storm
210658 5.5 MEDIUM
Local 		sqlite
fedoraproject 		sqlite
fedora 		SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. CWE-476
 NULL Pointer Dereference 		CVE-2020-13435 2024-11-21 14:01 2020-05-25 Show GitHub Exploit DB Packet Storm
210659 5.5 MEDIUM
Local 		sqlite
debian
fedoraproject
canonical
freebsd
oracle
apple 		sqlite
debian_linux
fedora
ubuntu_linux
freebsd
outside_in_technology
communications_network_charging_and_control
communications_cloud_native_core_policy
iphone_os
watchos<… 		SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. CWE-190
 Integer Overflow or Wraparound 		CVE-2020-13434 2024-11-21 14:01 2020-05-25 Show GitHub Exploit DB Packet Storm
210660 9.8 CRITICAL
Network 		adminpanel_project adminpanel Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter. CWE-89
SQL Injection 		CVE-2020-13433 2024-11-21 14:01 2020-05-25 Show GitHub Exploit DB Packet Storm