Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230701	4.3	警告	webex communications	-	WebEx の GpcContainer.GpcContainer.1 ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-6005	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230702	7.5	危険	toko	-	Toko Instan の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6004	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230703	4.3	警告	Thomson	-	Thomson SpeedTouch 716 の cgi/b/ic/connect におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6003	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230704	7.5	危険	SoftbizScripts	-	Softbiz Auctions Script の product_desc.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5999	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230705	4.3	警告	Trolltech	-	Trolltech Qt の QSslSocket における偽装サービスの無効なサーバ証明書を承認するようにユーザを騙す脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5965	2012-12-20 18:33	2008-01-7	Show	GitHub Exploit DB Packet Storm

230706	4.3	警告	レッドハット	-	RHN および Red Hat Network Satellite で使用されている Red Hat Network チャンネル検索機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5961	2012-12-20 18:33	2008-05-20	Show	GitHub Exploit DB Packet Storm

230707	6.5	警告	SoftbizScripts	-	Softbiz Ad Management plus Script の ads.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5998	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230708	6.5	警告	SoftbizScripts	-	Softbiz Banner Exchange Network Script の campaign_stats.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5997	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230709	7.5	危険	SoftbizScripts	-	Softbiz Link Directory Script の searchresult.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5996	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

230710	6.8	警告	php-tools	-	patBBcode の examples/patExampleGen/bbcodeSource.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5995	2012-12-20 18:33	2007-11-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196881	6.1	MEDIUM Network	tecnick	tcexam	A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.3. The paths provided in the f, d, and dir parameters in tce_filemanager.php were not properly validated and could cause reflec…	CWE-79 Cross-site Scripting	CVE-2021-20115	2024-11-21 14:45	2021-08-6	Show	GitHub Exploit DB Packet Storm

196882	9.8	CRITICAL Network	sonicwall	sma_210_firmware sma_410_firmware sma_500v_firmware sra_4600_firmware sra_1600_firmware sra_va_firmware	Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and…	CWE-89 SQL Injection	CVE-2021-20028	2024-11-21 14:45	2021-08-5	Show	GitHub Exploit DB Packet Storm

196883	7.5	HIGH Network	tecnick	tcexam	When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.	CWE-425 Direct Request ('Forced Browsing')	CVE-2021-20114	2024-11-21 14:45	2021-07-30	Show	GitHub Exploit DB Packet Storm

196884	5.3	MEDIUM Network	tecnick	tcexam	An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password reset request was made for an email address that was not registered with a user then we would be presented…	CWE-203 Information Exposure Through Discrepancy	CVE-2021-20113	2024-11-21 14:45	2021-07-30	Show	GitHub Exploit DB Packet Storm

196885	5.4	MEDIUM Network	tecnick	tcexam	A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1. Valid files uploaded via tce_select_mediafile.php with a filename beggining with a period will be rendered as text/html. An att…	CWE-79 Cross-site Scripting	CVE-2021-20112	2024-11-21 14:45	2021-07-30	Show	GitHub Exploit DB Packet Storm

196886	5.4	MEDIUM Network	tecnick	tcexam	A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1. Valid files uploaded via tce_filemanager.php with a filename beggining with a period will be rendered as text/html. An attacker…	CWE-79 Cross-site Scripting	CVE-2021-20111	2024-11-21 14:45	2021-07-30	Show	GitHub Exploit DB Packet Storm

196887	6.5	MEDIUM Local	tenable	nessus	Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to …	NVD-CWE-noinfo	CVE-2021-20106	2024-11-21 14:45	2021-07-22	Show	GitHub Exploit DB Packet Storm

196888	9.8	CRITICAL Network	zohocorp	manageengine_assetexplorer	Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer's Server IP addres…	CWE-190 Integer Overflow or Wraparound	CVE-2021-20110	2024-11-21 14:45	2021-07-20	Show	GitHub Exploit DB Packet Storm

196889	7.5	HIGH Network	zohocorp	manageengine_assetexplorer	Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer's Server IP address. This will allo…	CWE-787 Out-of-bounds Write	CVE-2021-20109	2024-11-21 14:45	2021-07-20	Show	GitHub Exploit DB Packet Storm

196890	7.5	HIGH Network	zohocorp	manageengine_assetexplorer	Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. The HTTPS certificates are not verified which allows any arbitrary user on t…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-20108	2024-11-21 14:45	2021-07-20	Show	GitHub Exploit DB Packet Storm