Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230731	6.8	警告	viewpoint	-	Viewpoint Media Player の AxMetaStream.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5911	2012-12-20 18:33	2007-11-9	Show	GitHub Exploit DB Packet Storm

230732	4.7	警告	Xen プロジェクト	-	Xen におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-5906	2012-12-20 18:33	2007-11-9	Show	GitHub Exploit DB Packet Storm

230733	10	危険	ssreader	-	SSReader の pdg2.dll ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5892	2012-12-20 18:33	2007-11-7	Show	GitHub Exploit DB Packet Storm

230734	6.8	警告	scwiki	-	scWiki の includes/common.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5843	2012-12-20 18:33	2007-11-6	Show	GitHub Exploit DB Packet Storm

230735	6.8	警告	vortex portal	-	Vortex Portal における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5842	2012-12-20 18:33	2007-11-6	Show	GitHub Exploit DB Packet Storm

230736	6.8	警告	SyndeoCMS	-	Fred Stuurman SyndeoCMS の starnet/themes/c-sky/main.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5840	2012-12-20 18:33	2007-11-5	Show	GitHub Exploit DB Packet Storm

230737	7.2	危険	シマンテック	-	Symantec Altiris Deployment Solution の Aclient におけるローカルのシステム権限を取得される脆弱性	CWE-16 環境設定	CVE-2007-5838	2012-12-20 18:33	2007-10-30	Show	GitHub Exploit DB Packet Storm

230738	6.8	警告	yarssr	-	yarssr の GUI.pm における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-5837	2012-12-20 18:33	2007-11-5	Show	GitHub Exploit DB Packet Storm

230739	7.5	危険	ssl-explorer	-	SSL-Explorer の selectLanguage.do における HTTP トランザクション内にデータを挿入される脆弱性	CWE-20 不適切な入力確認	CVE-2007-5832	2012-12-20 18:33	2007-08-3	Show	GitHub Exploit DB Packet Storm

230740	5	警告	ssl-explorer	-	SSL-Explorer の fileSystem.do におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5831	2012-12-20 18:33	2007-11-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213931	5.4	MEDIUM Network	fortinet	fortianalyzer	A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows attacker to execute unauthorized code or…	CWE-79 Cross-site Scripting	CVE-2020-12814	2024-11-21 14:00	2021-11-3	Show	GitHub Exploit DB Packet Storm

213932	7.5	HIGH Network	3xlogic	infinias_eidc32_firmware	Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.	CWE-295 Improper Certificate Validation	CVE-2020-12681	2024-11-21 14:00	2021-07-26	Show	GitHub Exploit DB Packet Storm

213933	8.1	HIGH Adjacent	depstech	wifi_digital_microscope_3_firmware	DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Def…	CWE-862 Missing Authorization	CVE-2020-12734	2024-11-21 14:00	2021-07-16	Show	GitHub Exploit DB Packet Storm

213934	7.5	HIGH Network	depstech	wifi_digital_microscope_3_firmware	Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account.	CWE-863 Incorrect Authorization	CVE-2020-12733	2024-11-21 14:00	2021-07-16	Show	GitHub Exploit DB Packet Storm

213935	6.5	MEDIUM Adjacent	depstech	wifi_digital_microscope_3_firmware	DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-12732	2024-11-21 14:00	2021-07-16	Show	GitHub Exploit DB Packet Storm

213936	7.5	HIGH Network	magicsmotion	flamingo_2_firmware	The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-12731	2024-11-21 14:00	2021-07-16	Show	GitHub Exploit DB Packet Storm

213937	5.3	MEDIUM Adjacent	magicsmotion	flamingo_2_firmware	MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-12730	2024-11-21 14:00	2021-07-16	Show	GitHub Exploit DB Packet Storm

213938	4.6	MEDIUM Physics	magicsmotion	flamingo_2_firmware	MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors.	NVD-CWE-Other	CVE-2020-12729	2024-11-21 14:00	2021-07-16	Show	GitHub Exploit DB Packet Storm

213939	5.5	MEDIUM Local	amd	radeon_pro_software radeon_software	A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.	CWE-200 Information Exposure	CVE-2020-12987	2024-11-21 14:00	2021-06-12	Show	GitHub Exploit DB Packet Storm

213940	7.8	HIGH Local	amd	radeon_pro_software radeon_software	An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.	CWE-20 Improper Input Validation	CVE-2020-12986	2024-11-21 14:00	2021-06-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed