Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230881	7.5	危険	rha7 downloads	-	XOOPS 用の rha7downloads モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2107	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

230882	6.8	警告	wabbit	-	Wabbit PHP Gallery の showpic.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2098	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

230883	7.5	危険	tsdisplay4xoops	-	TSD4XOOPS の blocks/tsdisplay4xoops_block2.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2091	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

230884	6.8	警告	tumusika evolution	-	TuMusika Evolution の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2090	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

230885	7.5	危険	pl-php	-	pL-PHP の admin.php における認証を回避される脆弱性	-	CVE-2007-2007	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230886	7.5	危険	pl-php	-	pL-PHP の login.php における SQL インジェクションの脆弱性	-	CVE-2007-2006	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230887	7.5	危険	raphael limbach	-	Crea-Book の admin/admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-2000	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230888	4.3	警告	Youngzsoft	-	CmailServer WebMail の mail/signup.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1991	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230889	7.5	危険	sam crew	-	Sam Crew MyBlog の games.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1990	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230890	4.3	警告	phpecho cms	-	PHPEcho CMS の kernel/filters.inc.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1988	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197811	6.1	MEDIUM Network	citrix	xenmobile_server	Improper input validation in Citrix XenMobile Server 10.12 before RP1, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.11 before RP6 and Citrix XenMobile Server before 10.9 RP5 a…	CWE-79 Cross-site Scripting	CVE-2020-8208	2024-11-21 14:38	2020-08-18	Show	GitHub Exploit DB Packet Storm

197812	5.5	MEDIUM Local	nextcloud	desktop	A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2020-8229	2024-11-21 14:38	2020-08-10	Show	GitHub Exploit DB Packet Storm

197813	7.8	HIGH Local	nextcloud	desktop	A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.	CWE-94 Code Injection	CVE-2020-8224	2024-11-21 14:38	2020-08-10	Show	GitHub Exploit DB Packet Storm

197814	7.8	HIGH Local	opensuse	leap backports_sle tumbleweed	A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate th…	-	CVE-2020-8026	2024-11-21 14:38	2020-08-7	Show	GitHub Exploit DB Packet Storm

197815	9.3	CRITICAL Local	suse	linux_enterprise_server linux_enterprise_software_development_kit linux_enterprise_high_performance_computing	A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP …	-	CVE-2020-8025	2024-11-21 14:38	2020-08-7	Show	GitHub Exploit DB Packet Storm

197816	8.8	HIGH Local	bitdefender	endpoint_security	Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted proces…	CWE-287 Improper Authentication	CVE-2020-8108	2024-11-21 14:38	2020-08-3	Show	GitHub Exploit DB Packet Storm

197817	6.8	MEDIUM Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability thro…	CWE-22 Path Traversal	CVE-2020-8222	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197818	4.9	MEDIUM Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface.	CWE-22 Path Traversal	CVE-2020-8221	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197819	6.5	MEDIUM Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	A denial of service vulnerability exists in Pulse Connect Secure <9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS.	CWE-400 Uncontrolled Resource Consumption	CVE-2020-8220	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm

197820	7.2	HIGH Network	pulsesecure ivanti	pulse_connect_secure connect_secure pulse_policy_secure policy_secure	An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to change the password of a full administrator.	CWE-276 Incorrect Default Permissions	CVE-2020-8219	2024-11-21 14:38	2020-07-30	Show	GitHub Exploit DB Packet Storm