Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230961	5.8	警告	VMware	-	EMC VMware の IntraProcessLogging.dll における絶対パストラバーサルの脆弱性	-	CVE-2007-4059	2012-12-20 18:33	2007-07-30	Show	GitHub Exploit DB Packet Storm

230962	4.6	警告	ultradefrag	-	UltraDefrag の FindFiles 関数におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-4051	2012-12-20 18:33	2007-07-30	Show	GitHub Exploit DB Packet Storm

230963	4.3	警告	phpsysinfo	-	phpSysInfo の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4048	2012-12-20 18:33	2007-07-30	Show	GitHub Exploit DB Packet Storm

230964	5	警告	securecomputing	-	Secure Computing SecurityReporter の file.cgi における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2007-4043	2012-12-20 18:33	2007-07-27	Show	GitHub Exploit DB Packet Storm

230965	9.3	危険	Yahoo!	-	Yahoo! Widgets の YDPCTL.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4034	2012-12-20 18:33	2007-07-27	Show	GitHub Exploit DB Packet Storm

230966	7.5	危険	webSPELL	-	Webspell の index.php における絶対パストラバーサルの脆弱性	-	CVE-2007-4028	2012-12-20 18:33	2007-07-26	Show	GitHub Exploit DB Packet Storm

230967	6.8	警告	Telaxus LLC	-	epesi framework における任意の PHP コードを実行される脆弱性	-	CVE-2007-4026	2012-12-20 18:33	2007-07-26	Show	GitHub Exploit DB Packet Storm

230968	4.3	警告	サン・マイクロシステムズ	-	Windows 用の SJS Application Server における JSP ソースコードを取得される脆弱性	-	CVE-2007-4025	2012-12-20 18:33	2007-07-24	Show	GitHub Exploit DB Packet Storm

230969	4.3	警告	w1l3d4	-	W1L3D4 Philboard の W1L3D4_aramasonuc.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4024	2012-12-20 18:33	2007-07-26	Show	GitHub Exploit DB Packet Storm

230970	4.3	警告	WordPress.org	-	WordPress 用の Blix テーマなどに関する特定の index.php インストールスクリプトにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4014	2012-12-20 18:33	2007-07-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212771	8.8	HIGH Network	gitlab	gitlab	Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API	CWE-862 Missing Authorization	CVE-2020-13270	2024-11-21 14:00	2020-06-11	Show	GitHub Exploit DB Packet Storm

212772	6.1	MEDIUM Network	gitlab	gitlab	A Reflected Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code on the Static Site Editor in GitLab CE/EE 12.10 and later through 13.0.1	CWE-79 Cross-site Scripting	CVE-2020-13269	2024-11-21 14:00	2020-06-11	Show	GitHub Exploit DB Packet Storm

212773	5.3	MEDIUM Network	gitlab	gitlab	A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and lat…	CWE-200 NVD-CWE-noinfo Information Exposure	CVE-2020-13268	2024-11-21 14:00	2020-06-11	Show	GitHub Exploit DB Packet Storm

212774	6.1	MEDIUM Network	gitlab	gitlab	A Stored Cross-Site Scripting vulnerability allowed the execution on Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1	CWE-79 Cross-site Scripting	CVE-2020-13267	2024-11-21 14:00	2020-06-11	Show	GitHub Exploit DB Packet Storm

212775	9.8	CRITICAL Network	anydesk	anydesk	AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution.	CWE-134 Use of Externally-Controlled Format String	CVE-2020-13160	2024-11-21 14:00	2020-06-10	Show	GitHub Exploit DB Packet Storm

212776	4.3	MEDIUM Network	gitlab	gitlab	Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions	CWE-862 Missing Authorization	CVE-2020-13266	2024-11-21 14:00	2020-06-10	Show	GitHub Exploit DB Packet Storm

212777	9.8	CRITICAL Network	codedropz	drag_and_drop_multiple_file_upload_-_contact_form_7	The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-12800	2024-11-21 14:00	2020-06-9	Show	GitHub Exploit DB Packet Storm

212778	6.5	MEDIUM Network	libreoffice opensuse fedoraproject	libreoffice leap fedora	ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable f…	CWE-20 Improper Input Validation	CVE-2020-12803	2024-11-21 14:00	2020-06-9	Show	GitHub Exploit DB Packet Storm

212779	7.5	HIGH Network	ui w1.fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical	unifi_controller hostapd rt-n11 adsl selphy_cp1200 wap150 wap351 wap131 dvg-n5412sp b1165nfw ew-m970a3t ep-101 xp-8500 xp-702 xp-340 xp-620 xp-320 x…	The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualif…	CWE-276 Incorrect Default Permissions	CVE-2020-12695	2024-11-21 14:00	2020-06-9	Show	GitHub Exploit DB Packet Storm

212780	5.3	MEDIUM Network	libreoffice fedoraproject opensuse	libreoffice fedora leap	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who w…	NVD-CWE-Other	CVE-2020-12802	2024-11-21 14:00	2020-06-9	Show	GitHub Exploit DB Packet Storm