Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230521	6.8	警告	valerio capello	-	Valerio Capello Dagger - The Cutting Edge r23jan2007 の cal.func.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3431	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230522	7.5	危険	Simple Invoices	-	Simple Invoices 2007 の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3430	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230523	7.5	危険	ZoneO-soft	-	phpTrafficA における脆弱性	-	CVE-2007-3428	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230524	7.5	危険	ZoneO-soft	-	phpTrafficA の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3427	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230525	4.3	警告	ZoneO-soft	-	phpTrafficA の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3426	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230526	5	警告	ZoneO-soft	-	phpTrafficA の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3425	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230527	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性	-	CVE-2007-3424	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230528	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性	-	CVE-2007-3423	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230529	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/subs.pl における脆弱性	-	CVE-2007-3422	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230530	7.5	危険	web-app.org	-	web-app.org WebAPP のログイン機能などにおける脆弱性	-	CVE-2007-3421	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197471	7.5	HIGH Network	argoproj	argo_cd	As of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication tokens, once issued, were usable forever without expiration—there was no refresh or forced re-authen…	CWE-384 Session Fixation	CVE-2020-8826	2024-11-21 14:39	2020-04-9	Show	GitHub Exploit DB Packet Storm

197472	5.5	MEDIUM Local	canonical netapp	ubuntu_linux cloud_backup steelstore_cloud_integrated_storage solidfire_\&_hci_management_node aff_8300_firmware aff_8700_firmware aff_a220_firmware aff_a320_firmware aff_…	The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discover…	CWE-200 Information Exposure	CVE-2020-8832	2024-11-21 14:39	2020-04-10	Show	GitHub Exploit DB Packet Storm

197473	6.5	MEDIUM Local	linux canonical opensuse	linux_kernel ubuntu_linux leap	KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of t…	CWE-362 Race Condition	CVE-2020-8834	2024-11-21 14:39	2020-04-10	Show	GitHub Exploit DB Packet Storm

197474	8.8	HIGH Network	testlink	testlink	An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an a…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-8639	2024-11-21 14:39	2020-04-4	Show	GitHub Exploit DB Packet Storm

197475	9.8	CRITICAL Network	testlink	testlink	A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter.	CWE-89 SQL Injection	CVE-2020-8638	2024-11-21 14:39	2020-04-4	Show	GitHub Exploit DB Packet Storm

197476	9.8	CRITICAL Network	testlink	testlink	A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter.	CWE-89 SQL Injection	CVE-2020-8637	2024-11-21 14:39	2020-04-4	Show	GitHub Exploit DB Packet Storm

197477	8.0	HIGH Adjacent	huawei	smartax_ma5600t_firmware smartax_ma5800_firmware smartax_ea5800_firmware	There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product…	CWE-120 Classic Buffer Overflow	CVE-2020-9067	2024-11-21 14:39	2020-04-3	Show	GitHub Exploit DB Packet Storm

197478	7.8	HIGH Local	linux fedoraproject canonical netapp	linux_kernel fedora ubuntu_linux cloud_backup steelstore_cloud_integrated_storage solidfire hci_management_node a700s_firmware 8300_firmware 8700_firmware a400_firmware<…	In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel …	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2020-8835	2024-11-21 14:39	2020-04-3	Show	GitHub Exploit DB Packet Storm

197479	6.1	MEDIUM Network	tiki	tikiwiki_cms\/groupware	There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. Tiki-Wiki CMS all versions through 20.0 allows maliciou…	CWE-79 Cross-site Scripting	CVE-2020-8966	2024-11-21 14:39	2020-04-2	Show	GitHub Exploit DB Packet Storm

197480	5.4	MEDIUM Network	versiant	lynx_customer_service_portal	Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to insert malicious JavaScript that is stor…	CWE-79 Cross-site Scripting	CVE-2020-9055	2024-11-21 14:39	2020-03-31	Show	GitHub Exploit DB Packet Storm