Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230231 7.5 危険 tomasz rekawek - Yaap の includes/common.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2664 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
230232 7.8 危険 precisionid barcode - PrecisionID_DataMatrix.DLL の PrecisionID Barcode ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2657 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
230233 4.4 警告 SUSE
xfsdump		 - xfsdump の xfs_fsr における xfs ファイルシステム上で任意のファイルを上書きされる脆弱性 CWE-362
CWE-Other
CVE-2007-2654 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
230234 7.5 危険 voodoo circle - VooDoo cIRCle におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2651 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
230235 7.8 危険 t-com - T-com Speedport W 700v における遅延を回避される脆弱性 - CVE-2007-2649 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
230236 6.8 警告 yenc32 - yEnc32 におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-2646 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
230237 5 警告 pinkcrow designs - PinkCrow Designs Gallery または maGAZIn の phpThumb.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2643 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
230238 7.8 危険 r2k - R2K Gallery の galeria.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2642 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
230239 7.5 危険 w1l3d4 - W1L3D4 Philboard の W1L3D4_bolum.asp における SQL インジェクションの脆弱性 - CVE-2007-2641 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
230240 10 危険 prosysinfo - TFTPdWin におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2639 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200041 8.4 HIGH
Local 		vmware vsphere_esxi
fusion
workstation 		VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVM… CWE-125
Out-of-bounds Read 		CVE-2020-3960 2024-11-21 14:32 2021-09-15 Show GitHub Exploit DB Packet Storm
200042 7.8 HIGH
Local 		ibm security_verify_privilege_manager IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919. CWE-354
 Improper Validation of Integrity Check Value 		CVE-2020-4610 2024-11-21 14:32 2021-06-26 Show GitHub Exploit DB Packet Storm
200043 7.8 HIGH
Local 		ibm security_verify_privilege_manager IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute … CWE-120
Classic Buffer Overflow 		CVE-2020-4609 2024-11-21 14:32 2021-06-26 Show GitHub Exploit DB Packet Storm
200044 8.8 HIGH
Network 		ibm rational_doors_next_generation
rational_quality_manager
collaborative_lifecycle_management
engineering_test_management
rational_engineering_lifecycle_manager
engineering_lifecycle_mana… 		IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request to the REST A… NVD-CWE-Other
CVE-2020-4495 2024-11-21 14:32 2021-06-3 Show GitHub Exploit DB Packet Storm
200045 10.0 CRITICAL
Network 		ibm
netapp 		cognos_analytics
oncommand_insight 		IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write fi… CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2020-4561 2024-11-21 14:32 2021-06-1 Show GitHub Exploit DB Packet Storm
200046 8.8 HIGH
Network 		ibm
netapp 		cognos_analytics
oncommand_insight 		IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code that when viewed by the authenticated victim would execute the code. IBM X-Force ID: 182395. CWE-79
Cross-site Scripting 		CVE-2020-4520 2024-11-21 14:32 2021-06-1 Show GitHub Exploit DB Packet Storm
200047 5.4 MEDIUM
Network 		ibm
netapp 		cognos_analytics
oncommand_insight 		IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot… CWE-79
Cross-site Scripting 		CVE-2020-4354 2024-11-21 14:32 2021-06-1 Show GitHub Exploit DB Packet Storm
200048 8.2 HIGH
Network 		ibm
netapp 		cognos_analytics
oncommand_insight 		IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive info… CWE-611
XXE 		CVE-2020-4300 2024-11-21 14:32 2021-06-1 Show GitHub Exploit DB Packet Storm
200049 4.3 MEDIUM
Network 		ibm openpages_grc_platform IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in furt… CWE-209
Information Exposure Through an Error Message 		CVE-2020-4536 2024-11-21 14:32 2021-05-12 Show GitHub Exploit DB Packet Storm
200050 5.4 MEDIUM
Network 		ibm openpages_grc_platform IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti… CWE-79
Cross-site Scripting 		CVE-2020-4535 2024-11-21 14:32 2021-05-12 Show GitHub Exploit DB Packet Storm