Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230861	7.5	危険	webslider	-	Marco Antonio Islas Cruz WebSlider における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2067	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

230862	5	警告	usebb	-	UseBB における重要な情報を取得される脆弱性	-	CVE-2007-2066	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230863	4.4	警告	SSH コミュニケーションズ・セキュリティ	-	IBM z/OS 用の SSH Tectia Server における任意のプロセスを停止される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2063	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

230864	9.3	危険	vcdgear	-	VCDGear におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2062	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

230865	6.8	警告	wizz computers	-	Mozilla Firefox の Wizz RSS Reader エクステンションにおけるクロスゾーンスクリプティングの脆弱性	-	CVE-2007-2060	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

230866	6.8	警告	picozip	-	Acubix PicoZip におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2058	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

230867	5	警告	ricargbook	-	RicarGBooK の header.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2050	2012-12-20 18:19	2007-04-16	Show	GitHub Exploit DB Packet Storm

230868	5	警告	webmethods	-	webMethods Glue の Management Console におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2048	2012-12-20 18:19	2007-04-16	Show	GitHub Exploit DB Packet Storm

230869	4.9	警告	レッドハット	-	lha の lharc.c におけるファイルを読み書きされる脆弱性	-	CVE-2007-2030	2012-12-20 18:19	2007-04-16	Show	GitHub Exploit DB Packet Storm

230870	7.5	危険	PhpWiki	-	PhpWiki の lib/plugin/UpLoad.php における二重拡張子を伴う任意の PHP ファイルを実行される脆弱性	-	CVE-2007-2025	2012-12-20 18:19	2007-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197821	7.2	HIGH Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.	CWE-94 Code Injection	CVE-2020-8218	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197822	5.4	MEDIUM Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed attackers to exploit in the URL used for Citrix ICA.	CWE-79 Cross-site Scripting	CVE-2020-8217	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197823	4.3	MEDIUM Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID.	NVD-CWE-noinfo	CVE-2020-8216	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197824	5.3	MEDIUM Network	ui	unifi_protect	An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP res…	CWE-209 Information Exposure Through an Error Message	CVE-2020-8213	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197825	8.1	HIGH Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.	CWE-287 Improper Authentication	CVE-2020-8206	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197826	6.1	MEDIUM Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page.	CWE-79 Cross-site Scripting	CVE-2020-8204	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197827	5.3	MEDIUM Network	nextcloud	preferred_providers	Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 allowed to perform a denial of service attack when using a very long password.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-8202	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197828	6.5	MEDIUM Network	fastify	fastify	A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (when the allErrors option is used) with specially crafted sche…	CWE-400 Uncontrolled Resource Consumption	CVE-2020-8192	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197829	8.8	HIGH Network	citrix	workspace	Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running.	CWE-287 Improper Authentication	CVE-2020-8207	2024-11-21 14:38	2020-07-25	Show	GitHub Exploit DB Packet Storm

197830	5.5	MEDIUM Local	jpeg-js_project	jpeg-js	Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.	CWE-400 Uncontrolled Resource Consumption	CVE-2020-8175	2024-11-21 14:38	2020-07-25	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed