Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231171	2.1	注意	XWiki	-	XWiki Enterprise の Multiwiki プラグインにおける重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2007-4898	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231172	4.3	警告	toms-seiten.at	-	Toms Gaestebuch の admin/header.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4896	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231173	5	警告	sisfo kampus	-	Semarang 3 の dwoprn.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4895	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231174	7.5	危険	WordPress.org	-	Wordpress および MU における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4894	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

231175	4.3	警告	WordPress.org	-	Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-4893	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

231176	7.5	危険	swsoft	-	Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4892	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231177	3.5	注意	XWiki	-	XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性	CWE-DesignError	CVE-2007-4888	2012-12-20 18:33	2007-01-11	Show	GitHub Exploit DB Packet Storm

231178	4.3	警告	techexcel inc.	-	TechExcel CustomerWise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4882	2012-12-20 18:33	2007-09-13	Show	GitHub Exploit DB Packet Storm

231179	7.5	危険	psi-labs	-	psisns の profile/myprofile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4881	2012-12-20 18:33	2007-09-13	Show	GitHub Exploit DB Packet Storm

231180	5	警告	Simplenews Project	-	SimpNews における任意の .inc ファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4873	2012-12-20 18:33	2007-09-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200081	8.8	HIGH Network	citrix	sd-wan	Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8.	CWE-78 OS Command	CVE-2020-8273	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200082	7.5	HIGH Network	citrix	sd-wan	Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8	CWE-287 Improper Authentication	CVE-2020-8272	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200083	9.8	CRITICAL Network	citrix	sd-wan	Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8	CWE-22 Path Traversal	CVE-2020-8271	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200084	8.8	HIGH Network	citrix	virtual_apps_and_desktops	An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 ho…	CWE-78 OS Command	CVE-2020-8270	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200085	8.8	HIGH Network	citrix	xendesktop xenapp virtual_apps_and_desktops	An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 …	CWE-269 Improper Privilege Management	CVE-2020-8269	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200086	8.1	HIGH Network	nextcloud	nextcloud_server	Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys.	CWE-522 Insufficiently Protected Credentials	CVE-2020-8259	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200087	4.4	MEDIUM Local	nextcloud	nextcloud_server	Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on.	CWE-522 Insufficiently Protected Credentials	CVE-2020-8152	2024-11-21 14:38	2020-11-16	Show	GitHub Exploit DB Packet Storm

200088	5.3	MEDIUM Network	oneidentity	password_manager	An issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an attacker to detect a valid answer based on the HTTP response …	CWE-203 Information Exposure Through Discrepancy	CVE-2020-7962	2024-11-21 14:38	2020-11-14	Show	GitHub Exploit DB Packet Storm

200089	6.7	MEDIUM Local	lenovo	notebook_firmware	A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution.	NVD-CWE-noinfo	CVE-2020-8354	2024-11-21 14:38	2020-11-12	Show	GitHub Exploit DB Packet Storm

200090	6.7	MEDIUM Local	lenovo	thinkcentre_m80t_firmware thinkcentre_m80s_firmware thinkcentre_m90t_firmware thinkcentre_m90s_firmware thinkcentre_m910z_firmware thinkcentre_m920s_firmware thinkcentre_m920t_firmw…	Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. This could allow an administrative u…	NVD-CWE-noinfo	CVE-2020-8353	2024-11-21 14:38	2020-11-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed