Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230311 6.8 警告 phpBB - phpBB Import Tools Mod の includes/functions_mod_user.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-7147 2012-12-20 18:18 2007-03-7 Show GitHub Exploit DB Packet Storm
230312 4.1 警告 utimaco safeware - Utimaco Safeguard の集中管理機能における設定ファイルから暗号鍵を復元される脆弱性 CWE-310
暗号の問題 		CVE-2006-7142 2012-12-20 18:18 2007-03-7 Show GitHub Exploit DB Packet Storm
230313 4.3 警告 tinyportal - TinyPortal におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-7137 2012-12-20 18:18 2007-03-6 Show GitHub Exploit DB Packet Storm
230314 10 危険 phppc - phpPC における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7136 2012-12-20 18:18 2007-03-6 Show GitHub Exploit DB Packet Storm
230315 7.5 危険 salims softhouse - forum/forum.php JAF CMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7128 2012-12-20 18:18 2007-03-5 Show GitHub Exploit DB Packet Storm
230316 6.8 警告 salims softhouse - JAF CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-7127 2012-12-20 18:18 2007-03-5 Show GitHub Exploit DB Packet Storm
230317 7.5 危険 phpgiggle - comscripts.com 上で配布されている J. He PHPGiggle における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7119 2012-12-20 18:18 2007-03-5 Show GitHub Exploit DB Packet Storm
230318 7.5 危険 PHPKIT - PHPKit における SQL インジェクションの脆弱性 - CVE-2006-7115 2012-12-20 18:18 2007-03-5 Show GitHub Exploit DB Packet Storm
230319 5 警告 planerd.net - P-News における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2006-7114 2012-12-20 18:18 2007-03-5 Show GitHub Exploit DB Packet Storm
230320 7.5 危険 planerd.net - P-News における任意のコードをアップロードおよび実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2006-7113 2012-12-20 18:18 2007-03-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210821 9.6 CRITICAL
Network 		gitlab gitlab In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow. CWE-287
Improper Authentication 		CVE-2020-13292 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
210822 8.8 HIGH
Network 		combodo itop Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery. CWE-352
 Origin Validation Error 		CVE-2020-12781 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
210823 7.5 HIGH
Network 		combodo itop A security misconfiguration exists in Combodo iTop, which can expose sensitive information. CWE-863
 Incorrect Authorization 		CVE-2020-12780 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
210824 5.4 MEDIUM
Network 		combodo itop Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script. CWE-79
Cross-site Scripting 		CVE-2020-12779 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
210825 6.1 MEDIUM
Network 		combodo itop Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack. CWE-79
Cross-site Scripting 		CVE-2020-12778 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
210826 7.5 HIGH
Network 		combodo itop A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. CWE-200
Information Exposure 		CVE-2020-12777 2024-11-21 14:00 2020-08-10 Show GitHub Exploit DB Packet Storm
210827 9.8 CRITICAL
Network 		aerospike aerospike_server Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code exe… CWE-78
OS Command  		CVE-2020-13151 2024-11-21 14:00 2020-08-5 Show GitHub Exploit DB Packet Storm
210828 5.3 MEDIUM
Network 		fanuc series_30i_firmware
series_31i_firmware
series_32i-b_plus_firmware
series_35i-b_firmware
power_motion_i-model_a_firmware
series_0i-model_f_plus_firmware
series_0i-model_f_firmware 		A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-12739 2024-11-21 14:00 2020-08-4 Show GitHub Exploit DB Packet Storm
210829 7.5 HIGH
Network 		cherokee-project cherokee Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. A remote unauthenticated attacker can crash the server by sending an HTTP request to protected resour… CWE-476
 NULL Pointer Dereference 		CVE-2020-12845 2024-11-21 14:00 2020-07-28 Show GitHub Exploit DB Packet Storm
210830 5.5 MEDIUM
Local 		pulsesecure
ivanti 		pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure 		An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping in… NVD-CWE-noinfo
CVE-2020-12880 2024-11-21 14:00 2020-07-28 Show GitHub Exploit DB Packet Storm