Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231201 5 警告 Thomson - Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4753 2012-12-20 18:33 2007-09-7 Show GitHub Exploit DB Packet Storm
231202 6.8 警告 ppstream - PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4748 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
231203 9.3 危険 telecom italy - Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4740 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
231204 7.5 危険 speedtech - SpeedTech PHP Library における PHP リモートファイルインクルージョンの脆弱性 CWE-20
CWE-94
CVE-2007-4738 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
231205 7.5 危険 speedtech - STPHPLibrary における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4737 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
231206 10 危険 トレンドマイクロ - Trend Micro ServerProtect の TMReg.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4731 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
231207 5 警告 weboddity - Web Oddity におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4726 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
231208 7.5 危険 weblogicnet - Weblogicnet における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4715 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
231209 7.5 危険 yvora - Yvora の error_view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4714 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
231210 4.3 警告 roi revolution - Urchin の urchin.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4713 2012-12-20 18:33 2007-09-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200021 7.2 HIGH
Network 		expressionengine expressionengine Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack. CWE-89
SQL Injection 		CVE-2020-8242 2024-11-21 14:38 2022-02-19 Show GitHub Exploit DB Packet Storm
200022 7.8 HIGH
Local 		bitdefender total_security
internet_security
antivirus_plus 		A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bi… NVD-CWE-Other
CVE-2020-8107 2024-11-21 14:38 2022-02-18 Show GitHub Exploit DB Packet Storm
200023 7.8 HIGH
Local 		goabode iota_all-in-one_security_kit_firmware OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-… CWE-78
OS Command  		CVE-2020-8105 2024-11-21 14:38 2021-12-20 Show GitHub Exploit DB Packet Storm
200024 6.1 MEDIUM
Network 		rocket.chat rocket.chat A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks. CWE-79
Cross-site Scripting 		CVE-2020-8291 2024-11-21 14:38 2021-10-18 Show GitHub Exploit DB Packet Storm
200025 6.5 MEDIUM
Network 		citrix netscaler_gateway
gateway
application_delivery_controller_firmware 		Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack t… NVD-CWE-Other
CVE-2020-8300 2024-11-21 14:38 2021-06-16 Show GitHub Exploit DB Packet Storm
200026 6.5 MEDIUM
Adjacent 		citrix netscaler_gateway
gateway
application_delivery_controller_firmware
sd-wan_wanop 		Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8299 2024-11-21 14:38 2021-06-16 Show GitHub Exploit DB Packet Storm
200027 6.5 MEDIUM
Network 		mongodb mongomirror
database_tools 		Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in acc… CWE-295
Improper Certificate Validation  		CVE-2020-7924 2024-11-21 14:38 2021-04-13 Show GitHub Exploit DB Packet Storm
200028 5.5 MEDIUM
Local 		lenovo pcmanager A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to be written to non-standard locations. CWE-276
Incorrect Default Permissions  		CVE-2020-8357 2024-11-21 14:38 2021-03-10 Show GitHub Exploit DB Packet Storm
200029 4.9 MEDIUM
Network 		lenovo xclarity_orchestrator An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in cl… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-8356 2024-11-21 14:38 2021-03-10 Show GitHub Exploit DB Packet Storm
200030 9.8 CRITICAL
Network 		fs-path_project fs-path fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods. CWE-77
Command Injection 		CVE-2020-8298 2024-11-21 14:38 2021-03-5 Show GitHub Exploit DB Packet Storm