Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230941 7.5 危険 WordPress.org - Wordpress および MU における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4894 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
230942 4.3 警告 WordPress.org - Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-4893 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
230943 7.5 危険 swsoft - Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4892 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
230944 3.5 注意 XWiki - XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性 CWE-DesignError
CVE-2007-4888 2012-12-20 18:33 2007-01-11 Show GitHub Exploit DB Packet Storm
230945 4.3 警告 techexcel inc. - TechExcel CustomerWise におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4882 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
230946 7.5 危険 psi-labs - psisns の profile/myprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4881 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
230947 5 警告 Simplenews Project - SimpNews における任意の .inc ファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4873 2012-12-20 18:33 2007-09-27 Show GitHub Exploit DB Packet Storm
230948 5 警告 Simplenews Project - SimpleNews における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2007-4872 2012-12-20 18:33 2007-09-27 Show GitHub Exploit DB Packet Storm
230949 6.8 警告 Quirm - SAXON の example.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4863 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
230950 4.3 警告 Quirm - SAXON の admin/menu.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4862 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198551 7.4 HIGH
Network 		nodejs
oracle 		node.js
graalvm
banking_extensibility_workbench
mysql_cluster
blockchain_platform 		TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. CWE-295
Improper Certificate Validation  		CVE-2020-8172 2024-11-21 14:38 2020-06-8 Show GitHub Exploit DB Packet Storm
198552 7.1 HIGH
Local 		bitdefender antivirus_2020 A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This… CWE-59
Link Following 		CVE-2020-8103 2024-11-21 14:38 2020-06-6 Show GitHub Exploit DB Packet Storm
198553 5.5 MEDIUM
Local 		abb device_library_wizard Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data CWE-922
 Insecure Storage of Sensitive Information 		CVE-2020-8482 2024-11-21 14:38 2020-05-30 Show GitHub Exploit DB Packet Storm
198554 7.5 HIGH
Network 		lenovo lj4010dn_firmware
lj6700dn_firmware
m8960dnf_firmware 		A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, p… NVD-CWE-noinfo
CVE-2020-8330 2024-11-21 14:38 2020-05-29 Show GitHub Exploit DB Packet Storm
198555 7.5 HIGH
Network 		lenovo lj4010dn_firmware
lj6700dn_firmware
m8960dnf_firmware 		A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, c… NVD-CWE-noinfo
CVE-2020-8329 2024-11-21 14:38 2020-05-29 Show GitHub Exploit DB Packet Storm
198556 9.8 CRITICAL
Network 		ui airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the… CWE-78
OS Command  		CVE-2020-8171 2024-11-21 14:38 2020-05-27 Show GitHub Exploit DB Packet Storm
198557 6.1 MEDIUM
Network 		ui airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the… CWE-79
Cross-site Scripting 		CVE-2020-8170 2024-11-21 14:38 2020-05-27 Show GitHub Exploit DB Packet Storm
198558 8.8 HIGH
Network 		ui airos We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the… CWE-352
 Origin Validation Error 		CVE-2020-8168 2024-11-21 14:38 2020-05-27 Show GitHub Exploit DB Packet Storm
198559 5.3 MEDIUM
Network 		opensuse
debian 		open_build_service
debian_linux 		a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Servi… - CVE-2020-8021 2024-11-21 14:38 2020-05-20 Show GitHub Exploit DB Packet Storm
198560 9.8 CRITICAL
Network 		jenzabar internet_campus_solution Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There … CWE-384
 Session Fixation 		CVE-2020-8434 2024-11-21 14:38 2020-05-19 Show GitHub Exploit DB Packet Storm