Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230821 6.8 警告 simian systems inc - Idan Sofer PHP::HTML の phphtml.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3230 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230822 6.8 警告 singapore - Singapore Gallery の index.php における重要な情報を取得される脆弱性 - CVE-2007-3229 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230823 6.8 警告 simian systems inc - Sitellite CMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3228 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230824 4.3 警告 Ruby on Rails project - Ruby on Rails の to_json 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-3227 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230825 6.4 警告 サン・マイクロシステムズ - slapd における特定のデータを変更される脆弱性 - CVE-2007-3225 2012-12-20 18:19 2007-06-13 Show GitHub Exploit DB Packet Storm
230826 5 警告 サン・マイクロシステムズ - slapd におけるエントリの属性の存在を特定される脆弱性 - CVE-2007-3224 2012-12-20 18:19 2007-06-13 Show GitHub Exploit DB Packet Storm
230827 7.5 危険 XOOPS - XOOPS 用の XFsection モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3222 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230828 6.8 警告 XOOPS - XOOPS 用の XT-Conteudo モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3221 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230829 6.8 警告 XOOPS - XOOPS 用の Cjay Content モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3220 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
230830 7.5 危険 prototype of an php application - PHP アプリケーションの Prototype における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3217 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198231 4.8 MEDIUM
Network 		kronos web_time_and_attendance In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as … CWE-79
Cross-site Scripting 		CVE-2020-8496 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198232 7.5 HIGH
Network 		kronos web_time_and_attendance In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unaut… CWE-862
 Missing Authorization 		CVE-2020-8495 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198233 8.8 HIGH
Network 		kronos web_time_and_attendance In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privil… NVD-CWE-noinfo
CVE-2020-8494 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198234 4.8 MEDIUM
Network 		kronos web_time_and_attendance A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instruction… CWE-79
Cross-site Scripting 		CVE-2020-8493 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198235 5.5 MEDIUM
Local 		bitdefender total_security_2020 A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device. CWE-20
 Improper Input Validation  		CVE-2020-8095 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198236 6.5 MEDIUM
Network 		python
opensuse
canonical
fedoraproject
debian 		python
leap
ubuntu_linux
fedora
debian_linux 		Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks agains… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8492 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198237 7.8 HIGH
Local 		bitdefender antivirus A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution CWE-74
Injection 		CVE-2020-8093 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198238 5.5 MEDIUM
Local 		bitdefender antivirus A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. Thi… CWE-269
 Improper Privilege Management 		CVE-2020-8092 2024-11-21 14:38 2020-01-31 Show GitHub Exploit DB Packet Storm
198239 5.5 MEDIUM
Local 		ossec ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a denial of service (NULL pointer dereference) via crafted messages written direc… CWE-476
 NULL Pointer Dereference 		CVE-2020-8448 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm
198240 9.8 CRITICAL
Network 		ossec ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from auth… CWE-416
 Use After Free 		CVE-2020-8447 2024-11-21 14:38 2020-01-30 Show GitHub Exploit DB Packet Storm