Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231121 4.3 警告 sam crew - Sam Crew MyBlog の admin/modify.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1969 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231122 6.8 警告 sam crew - Sam Crew MyBlog の games.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1968 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231123 7.5 危険 XOOPS - XOOPS 用の WF-Snippets モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1962 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231124 7.5 危険 phpBB - phpBB 用の Mutant ポータルの mutant_functions.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1961 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231125 7.5 危険 XOOPS - XOOPS 用の Rha7 Downloads モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1960 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231126 10 危険 tinymux - TinyMUX の command.cpp における脆弱性 - CVE-2007-1959 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231127 5 警告 tinymux - TinyMUX におけるバッファオーバーフローの脆弱性 - CVE-2007-1958 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
231128 7.5 危険 UBB Systems - Groupee UBB.threads の ubbthreads.php における SQL インジェクションの脆弱性 - CVE-2007-1956 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
231129 10 危険 signkorea - SignKorea SKCrypAX ActiveX コントロールモジュールにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1955 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
231130 4.3 警告 webblizzard - WebBlizzard CMS の index_cms.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1950 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212181 5.4 MEDIUM
Network 		gitlab gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a s… NVD-CWE-noinfo
CVE-2020-13297 2024-11-21 14:00 2020-09-15 Show GitHub Exploit DB Packet Storm
212182 10.0 CRITICAL
Network 		gitlab gitlab GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow. CWE-863
 Incorrect Authorization 		CVE-2020-13300 2024-11-21 14:00 2020-09-15 Show GitHub Exploit DB Packet Storm
212183 8.1 HIGH
Network 		gitlab gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session. CWE-613
 Insufficient Session Expiration 		CVE-2020-13299 2024-11-21 14:00 2020-09-15 Show GitHub Exploit DB Packet Storm
212184 5.4 MEDIUM
Network 		gitlab gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated. CWE-306
Missing Authentication for Critical Function 		CVE-2020-13289 2024-11-21 14:00 2020-09-15 Show GitHub Exploit DB Packet Storm
212185 4.3 MEDIUM
Network 		gitlab gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential EPIC attached to confidential issues NVD-CWE-noinfo
CVE-2020-13287 2024-11-21 14:00 2020-09-15 Show GitHub Exploit DB Packet Storm
212186 6.5 MEDIUM
Network 		gitlab gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token CWE-863
 Incorrect Authorization 		CVE-2020-13284 2024-11-21 14:00 2020-09-15 Show GitHub Exploit DB Packet Storm
212187 7.5 HIGH
Network 		microchip atsama5d21c-cu_firmware
atsama5d21c-cur_firmware
atsama5d22c-cn_firmware
atsama5d22c-cnr_firmware
atsama5d22c-cu_firmware
atsama5d22c-cur_firmware
atsama5d23c-cn_firmware
atsama5… 		The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets. CWE-798
 Use of Hard-coded Credentials 		CVE-2020-12789 2024-11-21 14:00 2020-09-14 Show GitHub Exploit DB Packet Storm
212188 7.5 HIGH
Network 		microchip atsama5d21c-cu_firmware
atsama5d21c-cur_firmware
atsama5d22c-cn_firmware
atsama5d22c-cnr_firmware
atsama5d22c-cu_firmware
atsama5d22c-cur_firmware
atsama5d23c-cn_firmware
atsama5… 		CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks. CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-12788 2024-11-21 14:00 2020-09-14 Show GitHub Exploit DB Packet Storm
212189 7.5 HIGH
Network 		microchip atsama5d21c-cu_firmware
atsama5d21c-cur_firmware
atsama5d22c-cn_firmware
atsama5d22c-cnr_firmware
atsama5d22c-cu_firmware
atsama5d22c-cur_firmware
atsama5d23c-cn_firmware
atsama5… 		Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling. NVD-CWE-noinfo
CVE-2020-12787 2024-11-21 14:00 2020-09-14 Show GitHub Exploit DB Packet Storm
212190 8.8 HIGH
Network 		loway queuemetrics A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.04.1 allows remote authenticated attackers to execute arbitrary SQL commands via the TASKS_LIST__pt.querystring parameter. CWE-89
SQL Injection 		CVE-2020-13127 2024-11-21 14:00 2020-09-10 Show GitHub Exploit DB Packet Storm