Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230301	7.8	危険	tony cook	-	Imager perl モジュールの BMP リーダにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2459	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

230302	7.5	危険	pixaria	-	Pixaria Gallery における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2458	2012-12-20 18:19	2007-04-15	Show	GitHub Exploit DB Packet Storm

230303	7.5	危険	pixaria	-	Pixaria Gallery の resources/includes/class.Smarty.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2457	2012-12-20 18:19	2007-04-15	Show	GitHub Exploit DB Packet Storm

230304	2.1	注意	CollabNet, Inc.	-	Subversion における重要な情報 (プロパティの改定) を取得される脆弱性	-	CVE-2007-2448	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

230305	6.8	警告	tecnick.com	-	TCExam の shared/config/tce_config.php におけるクロスサイトスクリプティング攻撃 (XSS) を実行される脆弱性	-	CVE-2007-2431	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

230306	7.8	危険	tecnick.com	-	TCExam の shared/code/tce_tmx.php における cache/ 配下の任意の PHP ファイルを作成される脆弱性	-	CVE-2007-2430	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

230307	7.5	危険	pnflashgames	-	PostNuke 用の pnFlashGames モジュールの index.php における SQL インジェクションの脆弱性	-	CVE-2007-2427	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

230308	7.5	危険	wildbits	-	WordPress 用の myGallery プラグインにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2426	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

230309	7.5	危険	the merchant project	-	themerchant の help/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2424	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

230310	10	危険	RSAセキュリティ Progress Software Corporation	-	複数の RSA 製品で使用される Progress Software Progress および OpenEdge におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-2417	2012-12-20 18:19	2007-07-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197351	7.5	HIGH Network	bitdefender	engines	Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This…	CWE-20 Improper Input Validation	CVE-2020-8100	2024-11-21 14:38	2020-05-15	Show	GitHub Exploit DB Packet Storm

197352	6.1	MEDIUM Network	opensuse debian	open_build_service debian_linux	A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-bu…	-	CVE-2020-8020	2024-11-21 14:38	2020-05-14	Show	GitHub Exploit DB Packet Storm

197353	9.8	CRITICAL Network	rubyonrails debian	actionpack_page-caching debian_linux	There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can w…	CWE-22 Path Traversal	CVE-2020-8159	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

197354	7.0	HIGH Network	nextcloud fedoraproject	mail fedora	A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.	CWE-295 Improper Certificate Validation	CVE-2020-8156	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

197355	5.4	MEDIUM Network	nextcloud	nextcloud_server	An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF.	CWE-79 Cross-site Scripting	CVE-2020-8155	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

197356	7.7	HIGH Network	nextcloud	nextcloud_server	An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2020-8154	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

197357	8.1	HIGH Network	nextcloud fedoraproject	group_folders fedora	Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-8153	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

197358	7.5	HIGH Network	rubyonrails fedoraproject	active_resource fedora	There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak inf…	CWE-863 Incorrect Authorization	CVE-2020-8151	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

197359	5.3	MEDIUM Network	mongodb	mongodb	Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechani…	CWE-863 Incorrect Authorization	CVE-2020-7921	2024-11-21 14:38	2020-05-7	Show	GitHub Exploit DB Packet Storm

197360	6.1	MEDIUM Network	commscope	ruckus_zoneflex_r500_firmware	Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field.	CWE-79 Cross-site Scripting	CVE-2020-8033	2024-11-21 14:38	2020-05-6	Show	GitHub Exploit DB Packet Storm