Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230371 9.3 危険 VMware - EMC VMware ACE における脆弱性 CWE-noinfo
情報不足 		CVE-2007-5025 2012-12-20 18:33 2007-09-21 Show GitHub Exploit DB Packet Storm
230372 6.9 警告 VMware - EMC VMware Workstation などにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5023 2012-12-20 18:33 2007-09-21 Show GitHub Exploit DB Packet Storm
230373 10 危険 サン・マイクロシステムズ - JRE の Sun Java Web Start ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5019 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230374 5 警告 Yahoo! - Yahoo! Messenger の ft60.dll における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5017 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230375 6.8 警告 streamline - Streamline PHP Media Server における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5015 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230376 4.3 警告 phpwebgallery - PhpWebGallery の picture.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5012 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230377 5 警告 wilson windowware - WebBatch の webbatch.exe における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-5011 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230378 4.3 警告 wilson windowware - WebBatch におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5010 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230379 6.8 警告 phpbb2 - phpBB Plus の language/lang_german/lang_main_album.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5009 2012-12-20 18:33 2007-09-20 Show GitHub Exploit DB Packet Storm
230380 4.3 警告 Pidgin - Pidgin の libpurple におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4999 2012-12-20 18:33 2007-10-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210181 6.5 MEDIUM
Network 		squid-cache
canonical
debian
fedoraproject
opensuse 		squid
ubuntu_linux
debian_linux
fedora
leap 		An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poi… CWE-697
 Incorrect Comparison 		CVE-2020-15811 2024-11-21 14:06 2020-09-3 Show GitHub Exploit DB Packet Storm
210182 6.5 MEDIUM
Network 		squid-cache
canonical
debian
fedoraproject
opensuse 		squid
ubuntu_linux
debian_linux
fedora
leap 		An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poi… CWE-444
HTTP Request Smuggling 		CVE-2020-15810 2024-11-21 14:06 2020-09-3 Show GitHub Exploit DB Packet Storm
210183 5.5 MEDIUM
Local 		arm
fedoraproject
debian 		mbed_tls
fedora
debian_linux 		A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode … CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-16150 2024-11-21 14:06 2020-09-3 Show GitHub Exploit DB Packet Storm
210184 9.0 CRITICAL
Network 		redlion n-tron_702-w_firmware
n-tron_702m12-w_firmware 		The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tr… - CVE-2020-16210 2024-11-21 14:06 2020-09-2 Show GitHub Exploit DB Packet Storm
210185 8.8 HIGH
Network 		redlion n-tron_702-w_firmware
n-tron_702m12-w_firmware 		The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link… - CVE-2020-16208 2024-11-21 14:06 2020-09-2 Show GitHub Exploit DB Packet Storm
210186 9.0 CRITICAL
Network 		redlion n-tron_702-w_firmware
n-tron_702m12-w_firmware 		The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all … - CVE-2020-16206 2024-11-21 14:06 2020-09-2 Show GitHub Exploit DB Packet Storm
210187 9.8 CRITICAL
Network 		redlion n-tron_702-w_firmware
n-tron_702m12-w_firmware 		The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all vers… - CVE-2020-16204 2024-11-21 14:06 2020-09-2 Show GitHub Exploit DB Packet Storm
210188 5.5 MEDIUM
Local 		canonical ppp The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBE_OPTIONS environment v… CWE-20
 Improper Input Validation  		CVE-2020-15704 2024-11-21 14:06 2020-09-1 Show GitHub Exploit DB Packet Storm
210189 7.5 HIGH
Network 		linuxfoundation acrn Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/… NVD-CWE-Other
CVE-2020-15687 2024-11-21 14:06 2020-09-1 Show GitHub Exploit DB Packet Storm
210190 3.5 LOW
Adjacent 		mercedes-benz comand On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software. CWE-134
Use of Externally-Controlled Format String 		CVE-2020-16142 2024-11-21 14:06 2020-08-28 Show GitHub Exploit DB Packet Storm