Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230811	7.5	危険	shop-script	-	Shop-Script の cart.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2331	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230812	7.5	危険	searchactivity	-	Searchactivity の searchbot.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2329	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230813	7.5	危険	phpmytgp	-	phpMYTGP の addvip.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2328	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230814	10	危険	SilverStripe	-	SilverStripe の検索機能における脆弱性	-	CVE-2007-2321	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

230815	7.5	危険	VWar	-	PHP-Nuke 用の VWar モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2312	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230816	7.5	危険	webkalk2	-	WebKalk2 の engine/engine.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2307	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230817	4.3	警告	VWar	-	PHP-Nuke 用の VWar モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2306	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230818	7.5	危険	qdblog	-	QDBlog の authenticate.php における SQL インジェクションの脆弱性	-	CVE-2007-2305	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230819	7.5	危険	qdblog	-	QDBlog におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2304	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

230820	4.3	警告	surat kabar	-	Endy Kristanto Surat kabar / News Management Online におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2300	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210861	6.7	MEDIUM Local	x.org fedoraproject canonical opensuse	libx11 fedora ubuntu_linux leap	An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setu…	CWE-190 Integer Overflow or Wraparound	CVE-2020-14344	2024-11-21 14:03	2020-08-5	Show	GitHub Exploit DB Packet Storm

210862	5.9	MEDIUM Network	redhat	enmasse amq_online	It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authoris…	CWE-352 Origin Validation Error	CVE-2020-14319	2024-11-21 14:03	2020-08-4	Show	GitHub Exploit DB Packet Storm

210863	7.5	HIGH Network	inductiveautomation	ignition_gateway	The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13).	CWE-862 Missing Authorization	CVE-2020-14520	2024-11-21 14:03	2020-07-31	Show	GitHub Exploit DB Packet Storm

210864	5.8	MEDIUM Network	redhat	ansible_tower	A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default or…	CWE-209 Information Exposure Through an Error Message	CVE-2020-14337	2024-11-21 14:03	2020-07-31	Show	GitHub Exploit DB Packet Storm

210865	8.8	HIGH Local	redhat	satellite	A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance.	-	CVE-2020-14334	2024-11-21 14:03	2020-07-31	Show	GitHub Exploit DB Packet Storm

210866	8.8	HIGH Network	freemedsoftware	openclinic_ga	OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-14488	2024-11-21 14:03	2020-07-29	Show	GitHub Exploit DB Packet Storm

210867	9.8	CRITICAL Network	freemedsoftware	openclinic_ga	OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbit…	NVD-CWE-Other	CVE-2020-14487	2024-11-21 14:03	2020-07-29	Show	GitHub Exploit DB Packet Storm

210868	8.8	HIGH Network	openclinic_ga_project	openclinic_ga	An attacker may bypass permission/authorization checks in OpenClinic GA 5.09.02 and 5.89.05b by ignoring the redirect of a permission failure, which may allow unauthorized execution of commands.	CWE-863 Incorrect Authorization	CVE-2020-14486	2024-11-21 14:03	2020-07-29	Show	GitHub Exploit DB Packet Storm

210869	8.8	HIGH Network	openclinic_ga_project	openclinic_ga	A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands.	CWE-269 Improper Privilege Management	CVE-2020-14493	2024-11-21 14:03	2020-07-29	Show	GitHub Exploit DB Packet Storm

210870	6.1	MEDIUM Network	openclinic_ga_project	openclinic_ga	OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-controllable input, which may allow the execution of malicious code within the user’s browser.	CWE-79 Cross-site Scripting	CVE-2020-14492	2024-11-21 14:03	2020-07-29	Show	GitHub Exploit DB Packet Storm