Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230701	7.5	危険	precisionid barcode	-	PrecisionID_Barcode.dll の PrecisionID Barcode ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2744	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

230702	6.8	警告	xajax-project	-	xajax における脆弱性	-	CVE-2007-2740	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

230703	4.3	警告	xajax-project	-	xajax におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2739	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

230704	7.5	危険	XOOPS	-	XOOPS 用の Glossaire モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2738	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

230705	7.5	危険	XOOPS	-	Xoops 用の MyConference モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2737	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

230706	7.5	危険	touteresa	-	Xoops 用の ResManager モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2735	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

230707	10	危険	snaps gallery	-	Snaps! Gallery の Admin/users.php における任意のユーザ名を変更される脆弱性	-	CVE-2007-2715	2012-12-20 18:19	2007-05-16	Show	GitHub Exploit DB Packet Storm

230708	10	危険	tinyirc	-	TinyIdentD におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2711	2012-12-20 18:19	2007-05-16	Show	GitHub Exploit DB Packet Storm

230709	6.8	警告	simple php scripts gallery	-	sphp の Ivan Peevski gallery における任意の PHP コードを実行される脆弱性	-	CVE-2007-2679	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

230710	7.5	危険	phpchess	-	phpChess Community Edition における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2677	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198041	9.8	CRITICAL Network	hashicorp	nomad	HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3.	CWE-295 Improper Certificate Validation	CVE-2020-7956	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198042	5.3	MEDIUM Network	hashicorp	consul	HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.	CWE-863 Incorrect Authorization	CVE-2020-7955	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198043	7.5	HIGH Network	jetbrains	intellij_idea	In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.	NVD-CWE-noinfo	CVE-2020-7914	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198044	5.4	MEDIUM Network	gistpress_project	gistpress	XSS exists in the shortcode functionality of the GistPress plugin before 3.0.2 for WordPress via the includes/class-gistpress.php id parameter. This allows an attacker with the WordPress Contributor …	CWE-79 Cross-site Scripting	CVE-2020-8498	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198045	4.8	MEDIUM Network	kronos	web_time_and_attendance	In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as …	CWE-79 Cross-site Scripting	CVE-2020-8496	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198046	7.5	HIGH Network	kronos	web_time_and_attendance	In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unaut…	CWE-862 Missing Authorization	CVE-2020-8495	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198047	8.8	HIGH Network	kronos	web_time_and_attendance	In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privil…	NVD-CWE-noinfo	CVE-2020-8494	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198048	4.8	MEDIUM Network	kronos	web_time_and_attendance	A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instruction…	CWE-79 Cross-site Scripting	CVE-2020-8493	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198049	5.5	MEDIUM Local	bitdefender	total_security_2020	A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.	CWE-20 Improper Input Validation	CVE-2020-8095	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm

198050	6.5	MEDIUM Network	python opensuse canonical fedoraproject debian	python leap ubuntu_linux fedora debian_linux	Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks agains…	CWE-400 Uncontrolled Resource Consumption	CVE-2020-8492	2024-11-21 14:38	2020-01-31	Show	GitHub Exploit DB Packet Storm