Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231131	7.5	危険	scipter.ch	-	Sinapis Gastebuch の sinagb.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1130	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231132	5	警告	watersweb shops	-	shopkitplus における重要な情報を取得される脆弱性	-	CVE-2007-1128	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231133	6.4	警告	watersweb shops	-	shopkitplus の enc/stylecss.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1127	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231134	5	警告	xt:Commerce	-	xtcommerce の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1126	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231135	4.3	警告	xeroxer	-	XeroXer Simple one-file gallery の gallery.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1125	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231136	5	警告	xeroxer	-	XeroXer Simple one-file gallery の gallery.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1124	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231137	7.5	危険	ZPanel Project	-	ZPanel における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1123	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231138	6.4	警告	zephyrsoft toolbox	-	Mathis Dirksen-Thedens ZephyrSoft Toolbox ABC における SQL インジェクションの脆弱性	-	CVE-2007-1122	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231139	6.4	警告	zephyrsoft toolbox	-	Mathis Dirksen-Thedens ZephyrSoft Toolbox ABC における SQL インジェクションの脆弱性	-	CVE-2007-1121	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

231140	9.3	危険	steema software	-	TeeChart Pro ActiveX コントロールにおける .tee ファイルをダウンロードされる脆弱性	-	CVE-2007-1120	2012-12-20 18:19	2007-02-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211381	7.5	HIGH Network	mattermost	mattermost	An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022.	NVD-CWE-noinfo	CVE-2020-13891	2024-11-21 14:02	2020-06-27	Show	GitHub Exploit DB Packet Storm

211382	9.8	CRITICAL Network	mi	xiaomi_r3600_firmware	In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.	CWE-787 Out-of-bounds Write	CVE-2020-14095	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211383	9.8	CRITICAL Network	mi	xiaomi_r3600_firmware	In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.	CWE-787 Out-of-bounds Write	CVE-2020-14094	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211384	6.1	MEDIUM Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. There is a stored XSS vulnerability that is executed on the page to view users, and on the page to edit users. This is present in both the User fiel…	CWE-79 Cross-site Scripting	CVE-2020-14018	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211385	7.5	HIGH Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticate…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-14017	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211386	5.3	MEDIUM Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account.…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2020-14016	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211387	7.5	HIGH Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no a…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2020-14015	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211388	5.4	MEDIUM Network	naviwebs	navigate_cms	An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to re…	CWE-79 Cross-site Scripting	CVE-2020-14014	2024-11-21 14:02	2020-06-25	Show	GitHub Exploit DB Packet Storm

211389	5.4	MEDIUM Network	solarwinds	orion_network_performance_monitor orion_web_performance_monitor	Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.	CWE-79 Cross-site Scripting	CVE-2020-14007	2024-11-21 14:02	2020-06-24	Show	GitHub Exploit DB Packet Storm

211390	5.4	MEDIUM Network	solarwinds	orion_network_performance_monitor orion_web_performance_monitor	Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.	CWE-79 Cross-site Scripting	CVE-2020-14006	2024-11-21 14:02	2020-06-24	Show	GitHub Exploit DB Packet Storm