Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230351 7.5 危険 Xaraya - Xaraya の Roles モジュールにおける権限を取得される脆弱性 - CVE-2007-2251 2012-12-20 18:19 2007-04-22 Show GitHub Exploit DB Packet Storm
230352 7.5 危険 phpmyspace - phpMySpace の modules/news/article.php における SQL インジェクションの脆弱性 - CVE-2007-2247 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
230353 6.8 警告 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2245 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
230354 6.8 警告 PunBB - PunBB の footer.php における include/user/ 配下のローカルファイルをインクルードされる脆弱性 - CVE-2007-2236 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
230355 4.3 警告 PunBB - PunBB におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2235 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
230356 7.5 危険 PunBB - PunBB の include/common.php における global パラメータを登録される脆弱性 - CVE-2007-2234 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
230357 7.5 危険 ripe website manager - Ripe Website Manager の contact/index.php における SQL インジェクションの脆弱性 - CVE-2007-2207 2012-12-20 18:19 2007-04-24 Show GitHub Exploit DB Packet Storm
230358 4.3 警告 ripe website manager - Ripe Website Manager の contact/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-2206 2012-12-20 18:19 2007-04-24 Show GitHub Exploit DB Packet Storm
230359 7.5 危険 post revolution - Post Revolution における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2201 2012-12-20 18:19 2007-04-24 Show GitHub Exploit DB Packet Storm
230360 6.8 警告 supasite - Supasite における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2185 2012-12-20 18:19 2007-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213671 9.8 CRITICAL
Network 		sysaid on-premise SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to exe… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10569 2024-11-21 13:55 2020-04-22 Show GitHub Exploit DB Packet Storm
213672 9.8 CRITICAL
Network 		mitel mivoice_connect_client
mivoice_connect 		A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an a… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-10377 2024-11-21 13:55 2020-04-17 Show GitHub Exploit DB Packet Storm
213673 7.5 HIGH
Network 		trianglemicroworks scada_data_gateway Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the lengt… CWE-787
 Out-of-bounds Write 		CVE-2020-10615 2024-11-21 13:55 2020-04-16 Show GitHub Exploit DB Packet Storm
213674 7.5 HIGH
Network 		trianglemicroworks scada_data_gateway Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supp… CWE-125
Out-of-bounds Read 		CVE-2020-10613 2024-11-21 13:55 2020-04-16 Show GitHub Exploit DB Packet Storm
213675 9.8 CRITICAL
Network 		trianglemicroworks scada_data_gateway Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied dat… CWE-843
Type Confusion 		CVE-2020-10611 2024-11-21 13:55 2020-04-16 Show GitHub Exploit DB Packet Storm
213676 7.8 HIGH
Local 		eaton hmisoft_vu3_firmware Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow … CWE-120
Classic Buffer Overflow 		CVE-2020-10639 2024-11-21 13:55 2020-04-16 Show GitHub Exploit DB Packet Storm
213677 5.5 MEDIUM
Local 		eaton hmisoft_vu3_firmware Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could trigger an out-of-bounds… CWE-125
Out-of-bounds Read 		CVE-2020-10637 2024-11-21 13:55 2020-04-16 Show GitHub Exploit DB Packet Storm
213678 7.8 HIGH
Local 		targetcli-fb_project targetcli-fb A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this … CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-10699 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
213679 8.8 HIGH
Network 		icatchinc dvr_firmware iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command. CWE-77
Command Injection 		CVE-2020-10514 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
213680 6.5 MEDIUM
Network 		icatchinc dvr_interface The file management interface of iCatch DVR firmware before 20200103 contains broken access control which allows the attacker to remotely manipulate arbitrary file. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-10513 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm