Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230661 6.8 警告 xkiosk - xKiosk WEB の system/funcs/xkurl.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5314 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230662 7.5 危険 script-solution.de - Picturesolution の install/config.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5313 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230663 4.3 警告 torrenttrader - TorrentTrader Classic におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5312 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230664 7.5 危険 torrenttrader - TorrentTrader Classic Edition の backend/admin-functions.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5311 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230665 7.5 危険 yannick tanguy - ELSEIF CMS における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5307 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230666 5 警告 yannick tanguy - ELSEIF CMS における重要な情報を取得される脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5306 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230667 7.5 危険 yannick tanguy - ELSEIF CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5305 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230668 4.3 警告 yannick tanguy - ELSEIF CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5304 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230669 4.3 警告 snewscms - SnewsCMS Rus の news_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5303 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
230670 4.3 警告 splitside - Directory Image Gallery の photos.cfm におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5292 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210311 7.5 HIGH
Network 		siemens simatic_et_200sp_open_controller_firmware
simatic_s7-1500_software_controller_firmware 		A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains … - CVE-2020-15796 2024-11-21 14:06 2020-12-15 Show GitHub Exploit DB Packet Storm
210312 8.8 HIGH
Network 		gallagher command_centre Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This issue affects: Gallagher Command Centre 8.30 versions prio… CWE-843
Type Confusion 		CVE-2020-16103 2024-11-21 14:06 2020-12-15 Show GitHub Exploit DB Packet Storm
210313 8.2 HIGH
Network 		gallagher command_centre Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash … CWE-306
Missing Authentication for Critical Function 		CVE-2020-16102 2024-11-21 14:06 2020-12-15 Show GitHub Exploit DB Packet Storm
210314 7.2 HIGH
Network 		gallagher command_centre SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third… CWE-89
SQL Injection 		CVE-2020-16104 2024-11-21 14:06 2020-12-15 Show GitHub Exploit DB Packet Storm
210315 6.5 MEDIUM
Network 		bitdefender antivirus_plus An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus … CWE-346
 Origin Validation Error 		CVE-2020-15733 2024-11-21 14:06 2020-12-15 Show GitHub Exploit DB Packet Storm
210316 3.8 LOW
Local 		canonical ubuntu_linux The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubunt… CWE-209
Information Exposure Through an Error Message 		CVE-2020-16128 2024-11-21 14:06 2020-12-9 Show GitHub Exploit DB Packet Storm
210317 4.7 MEDIUM
Local 		canonical ubuntu_linux An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missi… CWE-362
Race Condition 		CVE-2020-16123 2024-11-21 14:06 2020-12-4 Show GitHub Exploit DB Packet Storm
210318 9.8 CRITICAL
Network 		ortussolutions testbox In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) c… CWE-22
Path Traversal 		CVE-2020-15929 2024-11-21 14:06 2020-11-24 Show GitHub Exploit DB Packet Storm
210319 5.3 MEDIUM
Network 		ortussolutions testbox In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal. CWE-22
Path Traversal 		CVE-2020-15928 2024-11-21 14:06 2020-11-24 Show GitHub Exploit DB Packet Storm
210320 6.1 MEDIUM
Local 		pulseaudio_project pulseaudio Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bl… CWE-415
 Double Free 		CVE-2020-15710 2024-11-21 14:06 2020-11-19 Show GitHub Exploit DB Packet Storm