Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230991	7.5	危険	scriptmagix	-	ScriptMagix Recipes の index.php における SQL インジェクションの脆弱性	-	CVE-2007-1617	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230992	7.5	危険	scriptmagix	-	ScriptMagix Lyrics の index.php における SQL インジェクションの脆弱性	-	CVE-2007-1616	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230993	7.5	危険	scriptmagix	-	ScriptMagix Jokes の index.php における SQL インジェクションの脆弱性	-	CVE-2007-1615	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230994	9.3	危険	zziplib project	-	ZZIPlib Library の zzip/file.c におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1614	2012-12-20 18:19	2007-03-17	Show	GitHub Exploit DB Packet Storm

230995	5	警告	W-Agora	-	Web-Agora の search.php における重要な情報を取得される脆弱性	-	CVE-2007-1607	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230996	4.3	警告	W-Agora	-	Web-Agora におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1606	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230997	5	警告	W-Agora	-	Web-Agora における重要な情報を取得される脆弱性	-	CVE-2007-1605	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230998	7.5	危険	W-Agora	-	Web-Agora における任意のコードを実行される脆弱性	-	CVE-2007-1604	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

230999	7.5	危険	weekly drawing contest	-	Weekly Drawing Contest の admin/contest.php における新規のコンテスト情報をデータベースに挿入される脆弱性	-	CVE-2007-1603	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

231000	7.5	危険	weekly drawing contest	-	Weekly Drawing Contest の check_vote.php における SQL インジェクションの脆弱性	-	CVE-2007-1602	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211101	7.5	HIGH Network	apache oracle	thrift hive communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_policy	In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.	CWE-400 Uncontrolled Resource Consumption	CVE-2020-13949	2024-11-21 14:02	2021-02-13	Show	GitHub Exploit DB Packet Storm

211102	6.1	MEDIUM Network	apache oracle	activemq communications_session_route_manager communications_session_report_manager	An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.	CWE-79 Cross-site Scripting	CVE-2020-13947	2024-11-21 14:02	2021-02-9	Show	GitHub Exploit DB Packet Storm

211103	5.9	MEDIUM Network	fedoraproject	fedora	A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queri…	NVD-CWE-Other	CVE-2020-14312	2024-11-21 14:02	2021-02-6	Show	GitHub Exploit DB Packet Storm

211104	6.5	MEDIUM Network	hcltechsw	onetest_performance	HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.	CWE-613 Insufficient Session Expiration	CVE-2020-14247	2024-11-21 14:02	2021-02-4	Show	GitHub Exploit DB Packet Storm

211105	7.5	HIGH Network	hcltechsw	onetest_performance	HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials.	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-14246	2024-11-21 14:02	2021-02-4	Show	GitHub Exploit DB Packet Storm

211106	9.8	CRITICAL Network	hcltechsw	onetest_performance	HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources.	CWE-306 Missing Authentication for Critical Function	CVE-2020-14245	2024-11-21 14:02	2021-02-4	Show	GitHub Exploit DB Packet Storm

211107	7.5	HIGH Network	hcltech	digital_experience	HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditio…	NVD-CWE-noinfo	CVE-2020-14255	2024-11-21 14:02	2021-02-3	Show	GitHub Exploit DB Packet Storm

211108	4.9	MEDIUM Network	hcltech	digital_experience	HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.	NVD-CWE-noinfo	CVE-2020-14221	2024-11-21 14:02	2021-02-3	Show	GitHub Exploit DB Packet Storm

211109	4.3	MEDIUM Network	atlassian	crucible fisheye	Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics. …	CWE-200 Information Exposure	CVE-2020-14192	2024-11-21 14:02	2021-02-2	Show	GitHub Exploit DB Packet Storm

211110	7.5	HIGH Network	mofinetwork	mofi4500-4gxelte_firmware	An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.	CWE-330 Use of Insufficiently Random Values	CVE-2020-13860	2024-11-21 14:02	2021-02-1	Show	GitHub Exploit DB Packet Storm