Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230871 5 警告 VideoLAN - VideoLAN VLC のブラウザプラグインにおける任意のファイルを上書きされる脆弱性 CWE-DesignError
CVE-2007-6683 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
230872 7.5 危険 VideoLAN - VideoLAN VLC の httpd_FileCallBack 関数 におけるフォーマットストリングの脆弱性 CWE-DesignError
CVE-2007-6682 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
230873 7.5 危険 VideoLAN - VideoLAN VLC の modules/demux/subtitle.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6681 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
230874 5 警告 uber uploader - UU の初期設定におけるアップロードに危険な拡張子を使用される脆弱性 CWE-16
環境設定 		CVE-2007-6676 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230875 4.3 警告 rapidshare - RapidShare Database の Default.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6674 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230876 7.5 危険 phpcredo - PHCDownload の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6670 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
230877 4.3 警告 phpcredo - PHCDownload の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6669 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
230878 7.5 危険 Zenphoto - Zenphoto の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6666 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
230879 7.5 危険 webportal - WebPortal CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6664 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
230880 7.5 危険 pragmaticutopia - Joomla! 用の Pragmatic Utopia PU Arcade コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6663 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209821 9.6 CRITICAL
Network 		mitel micloud_management_portal Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an … CWE-79
Cross-site Scripting 		CVE-2020-24594 2024-11-21 14:15 2020-09-25 Show GitHub Exploit DB Packet Storm
209822 7.2 HIGH
Network 		mitel micloud_management_portal Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. CWE-20
CWE-89
 Improper Input Validation 
SQL Injection 		CVE-2020-24593 2024-11-21 14:15 2020-09-25 Show GitHub Exploit DB Packet Storm
209823 5.3 MEDIUM
Network 		mitel micloud_management_portal Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization. CWE-116
 Improper Encoding or Escaping of Output 		CVE-2020-24592 2024-11-21 14:15 2020-09-25 Show GitHub Exploit DB Packet Storm
209824 9.8 CRITICAL
Network 		hpe utility_computing_service_meter Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. CWE-22
Path Traversal 		CVE-2020-24626 2024-11-21 14:15 2020-09-23 Show GitHub Exploit DB Packet Storm
209825 7.5 HIGH
Network 		hpe utility_computing_service_meter Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. CWE-22
Path Traversal 		CVE-2020-24625 2024-11-21 14:15 2020-09-23 Show GitHub Exploit DB Packet Storm
209826 7.5 HIGH
Network 		hpe utility_computing_service_meter Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. CWE-22
Path Traversal 		CVE-2020-24624 2024-11-21 14:15 2020-09-23 Show GitHub Exploit DB Packet Storm
209827 5.9 MEDIUM
Network 		meltytech shotcut In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone). A man-in-the-middle attacker could offer a spoofed download resource. CWE-295
Improper Certificate Validation  		CVE-2020-24619 2024-11-21 14:15 2020-09-22 Show GitHub Exploit DB Packet Storm
209828 6.5 MEDIUM
Adjacent 		hpe universal_api_framework A potential security vulnerability has been identified in Hewlett Packard Enterprise Universal API Framework. The vulnerability could be remotely exploited to allow SQL injection in HPE Universal API… CWE-89
SQL Injection 		CVE-2020-24623 2024-11-21 14:15 2020-09-19 Show GitHub Exploit DB Packet Storm
209829 9.8 CRITICAL
Network 		lemonldap-ng
debian 		lemonldap\
debian_linux 		An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also af… CWE-425
 Direct Request ('Forced Browsing') 		CVE-2020-24660 2024-11-21 14:15 2020-09-14 Show GitHub Exploit DB Packet Storm
209830 6.1 MEDIUM
Network 		zulipchat zulip_desktop Zulip Desktop before 5.4.3 allows XSS because string escaping is mishandled during composition of the HTML for the user interface. CWE-79
Cross-site Scripting 		CVE-2020-24582 2024-11-21 14:15 2020-09-11 Show GitHub Exploit DB Packet Storm