Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230791 4.3 警告 サン・マイクロシステムズ - Windows 用の SJS Application Server における JSP ソースコードを取得される脆弱性 - CVE-2007-4025 2012-12-20 18:33 2007-07-24 Show GitHub Exploit DB Packet Storm
230792 4.3 警告 w1l3d4 - W1L3D4 Philboard の W1L3D4_aramasonuc.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4024 2012-12-20 18:33 2007-07-26 Show GitHub Exploit DB Packet Storm
230793 4.3 警告 WordPress.org - WordPress 用の Blix テーマなどに関する特定の index.php インストールスクリプトにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4014 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230794 6.8 警告 virtual hosting control system - VHCS におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-3988 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230795 5 警告 securecomputing - Secure Computing SecurityReporter の file.cgi における認証を回避される脆弱性 - CVE-2007-3986 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230796 5 警告 securecomputing - SecurityReporter の file.cgi におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3985 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230797 7.5 危険 zenturi - sasatl.dll の NixonMyPrograms クラスにおけるバッファオーバーフローの脆弱性 - CVE-2007-3984 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230798 7.5 危険 wsnlinks - WSN Links Basic Edition の index.php における SQL インジェクションの脆弱性 - CVE-2007-3981 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230799 10 危険 rcms pro - RCMS Pro RGameScript Pro の page.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3980 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230800 6.8 警告 ufmod - uFMOD における脆弱性 - CVE-2007-3965 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198161 9.8 CRITICAL
Network 		typeorm typeorm Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-8158 2024-11-21 14:38 2020-09-19 Show GitHub Exploit DB Packet Storm
198162 5.5 MEDIUM
Local 		puppet continuous_delivery Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous … CWE-522
 Insufficiently Protected Credentials 		CVE-2020-7945 2024-11-21 14:38 2020-09-19 Show GitHub Exploit DB Packet Storm
198163 9.3 CRITICAL
Local 		suse salt-netapi-client A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE M… - CVE-2020-8028 2024-11-21 14:38 2020-09-17 Show GitHub Exploit DB Packet Storm
198164 5.5 MEDIUM
Local 		lenovo system_interface_foundation A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written t… CWE-276
Incorrect Default Permissions  		CVE-2020-8346 2024-11-21 14:38 2020-09-16 Show GitHub Exploit DB Packet Storm
198165 7.0 HIGH
Local 		lenovo system_update A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege. CWE-362
Race Condition 		CVE-2020-8342 2024-11-21 14:38 2020-09-16 Show GitHub Exploit DB Packet Storm
198166 6.1 MEDIUM
Network 		lenovo integrated_management_module_2 A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller … CWE-79
Cross-site Scripting 		CVE-2020-8340 2024-11-21 14:38 2020-09-16 Show GitHub Exploit DB Packet Storm
198167 6.1 MEDIUM
Network 		ibm bladecenter_advanced_management_module_firmware A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N]. This vulnerability co… CWE-79
Cross-site Scripting 		CVE-2020-8339 2024-11-21 14:38 2020-09-16 Show GitHub Exploit DB Packet Storm
198168 2.4 LOW
Physics 		lenovo thinkpad_t490_\(20nx\)_firmware
thinkpad_t490_\(20qx\)_firmware
thinkpad_t490_\(20rx\)_firmware
thinkpad_t490s_\(20nx\)_firmware
thinkpad_t495_drift_firmware
thinkpad_t590_\(20nx\)_fir… 		In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Re… NVD-CWE-noinfo
CVE-2020-8341 2024-11-21 14:38 2020-09-2 Show GitHub Exploit DB Packet Storm
198169 6.8 MEDIUM
Physics 		lenovo thinkpad_a275_firmware
thinkpad_a285_firmware
thinkpad_a475_firmware
thinkpad_a485_firmware
thinkpad_t495_drift_firmware
thinkpad_t495s_jazz_firmware
thinkpad_x1_carbon_\(20bx\)_fir… 		The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285, BIOS versions up to r0xuj70w; A485, BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395, BIOS ve… NVD-CWE-noinfo
CVE-2020-8335 2024-11-21 14:38 2020-09-2 Show GitHub Exploit DB Packet Storm
198170 7.8 HIGH
Local 		opensuse openldap2 A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise … - CVE-2020-8023 2024-11-21 14:38 2020-09-1 Show GitHub Exploit DB Packet Storm