Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230491	9.3	危険	Yahoo!	-	Yahoo! Messenger の AudioConf ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1680	2012-12-20 18:19	2007-04-5	Show	GitHub Exploit DB Packet Storm

230492	7.5	危険	Python Software Foundation	-	Python の Modules/zlib におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1657	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230493	10	危険	tinymux	-	TinyMUX の funmath.cpp におけるバッファオーバーフローの脆弱性	-	CVE-2007-1655	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230494	4.3	警告	subhub	-	SubHub におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1646	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230495	7.5	危険	portailphp	-	PortailPHP の index.php における SQL インジェクションの脆弱性	-	CVE-2007-1641	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230496	4.6	警告	phpprojekt	-	PHProjekt における任意のコードを実行される脆弱性	-	CVE-2007-1639	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230497	6.8	警告	phpprojekt	-	PHProjekt の lib/lib.inc.php におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2007-1638	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230498	7.5	危険	roseonlinecms	-	RoseOnlineCMS の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1636	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230499	7.5	危険	typolight	-	TYPOlight webCMS における脆弱性	CWE-noinfo 情報不足	CVE-2007-1632	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

230500	9.3	危険	studiewijzer	-	Studiewijzer における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1628	2012-12-20 18:19	2007-03-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198001	7.8	HIGH Local	fsa_project	fsa	fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary …	CWE-78 OS Command	CVE-2020-7615	2024-11-21 14:37	2020-04-7	Show	GitHub Exploit DB Packet Storm

198002	9.8	CRITICAL Network	npm-programmatic_project	npm-programmatic	npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly.	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2020-7614	2024-11-21 14:37	2020-04-7	Show	GitHub Exploit DB Packet Storm

198003	8.1	HIGH Network	clamscan_project	clamscan	clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that t…	CWE-78 OS Command	CVE-2020-7613	2024-11-21 14:37	2020-04-7	Show	GitHub Exploit DB Packet Storm

198004	9.8	CRITICAL Network	jooby	jooby	This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused fo…	NVD-CWE-Other	CVE-2020-7622	2024-11-21 14:37	2020-04-7	Show	GitHub Exploit DB Packet Storm

198005	5.3	MEDIUM Network	dot_project	dot	eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7639	2024-11-21 14:37	2020-04-6	Show	GitHub Exploit DB Packet Storm

198006	5.3	MEDIUM Network	confinit_project	confinit	confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7638	2024-11-21 14:37	2020-04-6	Show	GitHub Exploit DB Packet Storm

198007	5.3	MEDIUM Network	class-transformer_project	class-transformer	class-transformer before 0.3.1 allow attackers to perform Prototype Pollution. The classToPlainFromExist function could be tricked into adding or modifying properties of Object.prototype using a __pr…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7637	2024-11-21 14:37	2020-04-6	Show	GitHub Exploit DB Packet Storm

198008	9.8	CRITICAL Network	adb-driver_project	adb-driver	adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function.	CWE-78 OS Command	CVE-2020-7636	2024-11-21 14:37	2020-04-6	Show	GitHub Exploit DB Packet Storm

198009	9.8	CRITICAL Network	compass-compile_project	compass-compile	compass-compile through 0.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via tha options argument.	CWE-78 OS Command	CVE-2020-7635	2024-11-21 14:37	2020-04-6	Show	GitHub Exploit DB Packet Storm

198010	9.8	CRITICAL Network	heroku-addonpool_project	heroku-addonpool	heroku-addonpool through 0.1.15 is vulnerable to Command Injection.	CWE-78 OS Command	CVE-2020-7634	2024-11-21 14:37	2020-04-6	Show	GitHub Exploit DB Packet Storm