Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230961 4.3 警告 txx cms - Txx CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4819 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
230962 7.5 危険 txx cms - Txx CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4818 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
230963 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4808 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
230964 5 警告 ソフォス - Sophos Anti-Virus のウィルス検出エンジンにおけるマルウェアの検出を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4787 2012-12-20 18:33 2007-09-10 Show GitHub Exploit DB Packet Storm
230965 7.5 危険 tim jackson - PHPOF の dbmodules/DB_adodb.class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4763 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
230966 7.5 危険 phpmytourney - phpMytourney の menu.php における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4757 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
230967 5 警告 Thomson - Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4753 2012-12-20 18:33 2007-09-7 Show GitHub Exploit DB Packet Storm
230968 6.8 警告 ppstream - PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4748 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
230969 9.3 危険 telecom italy - Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4740 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
230970 7.5 危険 speedtech - SpeedTech PHP Library における PHP リモートファイルインクルージョンの脆弱性 CWE-20
CWE-94
CVE-2007-4738 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213101 5.0 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-12644 2024-11-21 13:59 2020-09-1 Show GitHub Exploit DB Packet Storm
213102 4.3 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-12643 2024-11-21 13:59 2020-09-1 Show GitHub Exploit DB Packet Storm
213103 8.8 HIGH
Network 		mitel mivoice_connect A remote code execution vulnerability in Mitel MiVoice Connect Client before 214.100.1223.0 could allow an attacker to execute arbitrary code in the chat notification window, due to improper renderin… CWE-22
Path Traversal 		CVE-2020-12456 2024-11-21 13:59 2020-08-27 Show GitHub Exploit DB Packet Storm
213104 7.5 HIGH
Network 		wolfssl wolfssl An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way invol… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-12457 2024-11-21 13:59 2020-08-21 Show GitHub Exploit DB Packet Storm
213105 5.9 MEDIUM
Network 		freron mailmate MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate … NVD-CWE-noinfo
CVE-2020-12619 2024-11-21 13:59 2020-08-21 Show GitHub Exploit DB Packet Storm
213106 4.8 MEDIUM
Network 		emclient em_client eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME cert… NVD-CWE-noinfo
CVE-2020-12618 2024-11-21 13:59 2020-08-21 Show GitHub Exploit DB Packet Storm
213107 6.5 MEDIUM
Network 		lightbend play_framework In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed. CWE-352
 Origin Validation Error 		CVE-2020-12480 2024-11-21 13:59 2020-08-18 Show GitHub Exploit DB Packet Storm
213108 9.8 CRITICAL
Network 		dbsoft sglac An issue was discovered in DB Soft SGLAC before 20.05.001. The ProcedimientoGenerico method in the SVCManejador.svc webservice of the SGLAC web frontend allows an attacker to run arbitrary SQL comman… CWE-89
SQL Injection 		CVE-2020-12606 2024-11-21 13:59 2020-08-17 Show GitHub Exploit DB Packet Storm
213109 6.1 MEDIUM
Network 		tiny tinymce A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode. CWE-79
Cross-site Scripting 		CVE-2020-12648 2024-11-21 13:59 2020-08-14 Show GitHub Exploit DB Packet Storm
213110 8.2 HIGH
Local 		intel s2600wftr_firmware
s2600wf0r_firmware
s2600wfqr_firmware
s2600bpsr_firmware
s2600bpbr_firmware
s2600bpqr_firmware
s2600stqr_firmware
s2600stbr_firmware 		Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. CWE-665
 Improper Initialization 		CVE-2020-12301 2024-11-21 13:59 2020-08-13 Show GitHub Exploit DB Packet Storm