Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230991	7.5	危険	pictures rating	-	Picture Rating の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3881	2012-12-20 18:33	2007-07-18	Show	GitHub Exploit DB Packet Storm

230992	7.2	危険	サン・マイクロシステムズ	-	SUNWsrspx パッケージで同梱されている SRS Net Connect の srsexec におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2007-3880	2012-12-20 18:33	2007-11-2	Show	GitHub Exploit DB Packet Storm

230993	6.9	警告	トレンドマイクロ	-	Trend Micro AntiSpyware および PC-Cillin Internet Security 2007 の SSAPI Engine におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3873	2012-12-20 18:33	2007-08-22	Show	GitHub Exploit DB Packet Storm

230994	6	警告	TortoiseSVN CollabNet, Inc.	-	TortoiseSVN で使用されている Subversion におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-3846	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

230995	9	危険	Pidgin	-	Linux 用の Pidgin における特定のコマンドを実行される脆弱性	-	CVE-2007-3841	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

230996	7.5	危険	sitetrafficstats	-	Traffic Stats の referralUrl.php における SQL インジェクションの脆弱性	-	CVE-2007-3840	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

230997	4	警告	tbdev.net	-	TBDev.NET の takeprofedit.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3839	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

230998	2.6	注意	tbdev.net	-	takeprofedit.php の takeprofedit.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3838	2012-12-20 18:33	2007-07-17	Show	GitHub Exploit DB Packet Storm

230999	4.9	警告	republike slovenije	-	PIRS の pirs32.exe におけるバッファオーバーフローの脆弱性	-	CVE-2007-3815	2012-12-20 18:33	2007-07-16	Show	GitHub Exploit DB Packet Storm

231000	7.5	危険	prozilla	-	Prozilla Directory Script における SQL インジェクションの脆弱性	-	CVE-2007-3809	2012-12-20 18:33	2007-07-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197701	6.1	MEDIUM Network	open-xchange	ox_guard	OX Guard 2.10.3 and earlier allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-9426	2024-11-21 14:40	2020-06-16	Show	GitHub Exploit DB Packet Storm

197702	9.8	CRITICAL Network	tibco	managed_file_transfer_platform_server	The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows execution of arbitrary commands at the pr…	NVD-CWE-noinfo	CVE-2020-9412	2024-11-21 14:40	2020-06-10	Show	GitHub Exploit DB Packet Storm

197703	9.8	CRITICAL Network	tibco	managed_file_transfer_platform_server	The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows an attacker to perform unauthorized netwo…	NVD-CWE-noinfo	CVE-2020-9411	2024-11-21 14:40	2020-06-10	Show	GitHub Exploit DB Packet Storm

197704	9.8	CRITICAL Network	huawei	ips_module_firmware ngfw_module_firmware nip6300_firmware nip6600_firmware nip6800_firmware secospace_usg6300_firmware secospace_usg6500_firmware secospace_usg6600_firmware us…	Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C5…	CWE-287 Improper Authentication	CVE-2020-9099	2024-11-21 14:40	2020-06-8	Show	GitHub Exploit DB Packet Storm

197705	4.3	MEDIUM Adjacent	homey	homey_firmware homey_pro_firmware	An issue was discovered in all Athom Homey and Homey Pro devices up to the current version 4.2.0. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, i…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-9462	2024-11-21 14:40	2020-06-5	Show	GitHub Exploit DB Packet Storm

197706	9.8	CRITICAL Network	fortinet	fortisiem_windows_agent	An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.	CWE-428 Unquoted Search Path or Element	CVE-2020-9292	2024-11-21 14:40	2020-06-4	Show	GitHub Exploit DB Packet Storm

197707	7.8	HIGH Local	fortinet	forticlient	An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a …	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2020-9291	2024-11-21 14:40	2020-06-2	Show	GitHub Exploit DB Packet Storm

197708	7.0	HIGH Local	apache debian opensuse fedoraproject canonical oracle mcafee	tomcat debian_linux leap fedora ubuntu_linux transportation_management hospitality_guest_access managed_file_transfer retail_order_broker agile_plm database instantis…	When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; …	CWE-502 Deserialization of Untrusted Data	CVE-2020-9484	2024-11-21 14:40	2020-05-21	Show	GitHub Exploit DB Packet Storm

197709	8.8	HIGH Network	tibco oracle	jasperreports_library jasperreports_server retail_order_broker	The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS M…	CWE-79 Cross-site Scripting	CVE-2020-9410	2024-11-21 14:40	2020-05-20	Show	GitHub Exploit DB Packet Storm

197710	9.8	CRITICAL Network	tibco oracle	jasperreports_server retail_order_broker	The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vul…	CWE-276 Incorrect Default Permissions	CVE-2020-9409	2024-11-21 14:40	2020-05-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed