Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230441	10	危険	ZoneO-soft	-	phpTrafficA の Php/login.inc.php における認証を回避される脆弱性	-	CVE-2007-3647	2012-12-20 18:33	2007-07-10	Show	GitHub Exploit DB Packet Storm

230442	4	警告	WordPress.org	-	WordPress における重要な情報を取得される脆弱性	-	CVE-2007-3639	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

230443	6	警告	Yahoo!	-	Yahoo! Messenger におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-3638	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

230444	7.5	危険	SquirrelMail Project	-	Squirrelmail 用の GPG Plugin における任意のコマンドを実行される脆弱性	-	CVE-2007-3636	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

230445	4.3	警告	SquirrelMail Project	-	Squirrelmail 用の GPG Plugin における特定のコマンドを挿入される脆弱性	CWE-noinfo 情報不足	CVE-2007-3635	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

230446	6.5	警告	SquirrelMail Project	-	Squirrelmail 用の GPG Plugin における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2007-3634	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

230447	10	危険	SAP	-	SAP Message Server の Message HTTP Server におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-3624	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

230448	4	警告	Vtiger	-	vtiger CRM の report モジュールにおける任意のプライベートモジュールエントリを読まれる脆弱性	-	CVE-2007-3617	2012-12-20 18:33	2007-01-18	Show	GitHub Exploit DB Packet Storm

230449	7.8	危険	SAP	-	Windows 上で稼動する SAP NetWeaver Application Server の Internet Communication Manager におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3615	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

230450	7.5	危険	SAP	-	SAP DB の waHTTP.exe におけるスタックベースのバッファーオーバーフローの脆弱性	-	CVE-2007-3614	2012-12-20 18:33	2007-07-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210541	7.6	HIGH Network	save-server_project	save-server	save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uplo…	CWE-352 Origin Validation Error	CVE-2020-15135	2024-11-21 14:04	2020-08-5	Show	GitHub Exploit DB Packet Storm

210542	8.7	HIGH Network	faye_project	faye	Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses em-http-request and faye-websocket in the Ruby version of its client. Those libraries both use the …	CWE-295 Improper Certificate Validation	CVE-2020-15134	2024-11-21 14:04	2020-08-1	Show	GitHub Exploit DB Packet Storm

210543	8.7	HIGH Network	faye-websocket_project	faye-websocket	In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. The `Faye::WebSocket::Client` class uses the `EM::Connection#start_tls` method in EventMachine …	CWE-295 Improper Certificate Validation	CVE-2020-15133	2024-11-21 14:04	2020-08-1	Show	GitHub Exploit DB Packet Storm

210544	6.3	MEDIUM Network	octobercms	october	In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other th…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-15128	2024-11-21 14:04	2020-08-1	Show	GitHub Exploit DB Packet Storm

210545	7.5	HIGH Network	simpleledger	slp-validate	In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP w…	CWE-697 Incorrect Comparison	CVE-2020-15131	2024-11-21 14:04	2020-07-31	Show	GitHub Exploit DB Packet Storm

210546	7.5	HIGH Network	simpleledger	slpjs	In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or oppo…	CWE-697 Incorrect Comparison	CVE-2020-15130	2024-11-21 14:04	2020-07-31	Show	GitHub Exploit DB Packet Storm

210547	4.7	MEDIUM Network	traefik	traefik	In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard compo…	CWE-601 Open Redirect	CVE-2020-15129	2024-11-21 14:04	2020-07-31	Show	GitHub Exploit DB Packet Storm

210548	7.7	HIGH Network	auth0	auth0.js	In auth0 (npm package) versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Authorization header is …	CWE-209 Information Exposure Through an Error Message	CVE-2020-15125	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm

210549	8.1	HIGH Network	typo3	typo3	In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic messa…	CWE-20 Improper Input Validation	CVE-2020-15099	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm

210550	8.8	HIGH Network	typo3	typo3	In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, it has been discovered that an internal verification mechanism can be used …	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-15098	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm