Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230821	7.5	危険	wf-links	-	XOOPS 用の WF-Links モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2373	2012-12-20 18:19	2005-06-22	Show	GitHub Exploit DB Packet Storm

230822	9.3	危険	シマンテック	-	Windows 用の Symantec Storage Foundation における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2279	2012-12-20 18:19	2007-06-1	Show	GitHub Exploit DB Packet Storm

230823	7.5	危険	Plogger Project	-	Plogger におけるセッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2007-2277	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

230824	9.4	危険	rajneel lal totaram	-	Rajneel Lal TotaRam USP FOSS におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2271	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

230825	5	警告	swsoft	-	Windows 用の SWsoft Plesk の top.php3 におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2269	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

230826	5	警告	swsoft	-	Windows 用の SWsoft Plesk におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2268	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

230827	6.8	警告	サン・マイクロシステムズ	-	Sun Cluster および Solaris Cluster におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2267	2012-12-20 18:19	2007-04-24	Show	GitHub Exploit DB Packet Storm

230828	10	危険	Progress Software Corporation	-	Progress Webspeed Messenger における任意のファイルを実行される脆弱性	CWE-DesignError	CVE-2007-2266	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

230829	6.8	警告	phpee	-	YA Book におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2265	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

230830	7.5	危険	sinato	-	Sinato jmuffin の html/php/detail.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2262	2012-12-20 18:19	2007-04-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197851	9.8	CRITICAL Network	phpzag	phpzag	SQL injection with start and length parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql	CWE-89 SQL Injection	CVE-2020-8521	2024-11-21 14:38	2020-07-8	Show	GitHub Exploit DB Packet Storm

197852	9.8	CRITICAL Network	phpzag	phpzag	SQL injection in order and column parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql	CWE-89 SQL Injection	CVE-2020-8520	2024-11-21 14:38	2020-07-8	Show	GitHub Exploit DB Packet Storm

197853	9.8	CRITICAL Network	phpzag	phpzag	SQL injection with the search parameter in Records.php for phpzag live add edit delete data tables records with ajax php mysql	CWE-89 SQL Injection	CVE-2020-8519	2024-11-21 14:38	2020-07-8	Show	GitHub Exploit DB Packet Storm

197854	8.8	HIGH Network	ui	unifi_protect_firmware	We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Pr…	CWE-78 OS Command	CVE-2020-8188	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm

197855	6.5	MEDIUM Network	rubyonrails fedoraproject	rails fedora	A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.	CWE-400 Uncontrolled Resource Consumption	CVE-2020-8185	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm

197856	4.1	MEDIUM Network	nextcloud	deck	Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.	CWE-269 Improper Privilege Management	CVE-2020-8179	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm

197857	6.1	MEDIUM Network	shopify	koa-shopify-auth	A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the `shop` parameter on the `/shopify/auth/enable_cookies` endpoint.	CWE-79 Cross-site Scripting	CVE-2020-8176	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm

197858	4.3	MEDIUM Network	rubyonrails debian	rails debian_linux	A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, fo…	CWE-352 Origin Validation Error	CVE-2020-8166	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm

197859	8.8	HIGH Network	rubyonrails debian	rails debian_linux	The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.	CWE-94 Code Injection	CVE-2020-8163	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm

197860	8.6	HIGH Network	rack_project debian canonical	rack debian_linux ubuntu_linux	A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in…	CWE-22 Path Traversal	CVE-2020-8161	2024-11-21 14:38	2020-07-3	Show	GitHub Exploit DB Packet Storm