Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 12:07 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231271	2.3	注意	BlackBerry	-	Research in Motion BlackBerry 7270 におけるフォーマットストリングの脆弱性	-	CVE-2007-3442	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231272	6.4	警告	snom	-	Snom 320 SIP Phone における任意の電話番号へ発信される脆弱性	-	CVE-2007-3440	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231273	5	警告	snom	-	Snom 320 SIP Phone における不在着信を読まれる脆弱性	-	CVE-2007-3439	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231274	9.3	危険	rkd software	-	RKD Software の BarCodeAx.dll におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3435	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231275	7.5	危険	PluXml	-	Pluxml の admin/images.php における任意のコードをアップロードおよび実行される脆弱性	-	CVE-2007-3432	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231276	6.8	警告	valerio capello	-	Valerio Capello Dagger - The Cutting Edge r23jan2007 の cal.func.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3431	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231277	7.5	危険	Simple Invoices	-	Simple Invoices 2007 の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3430	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231278	7.5	危険	ZoneO-soft	-	phpTrafficA における脆弱性	-	CVE-2007-3428	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231279	7.5	危険	ZoneO-soft	-	phpTrafficA の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3427	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231280	4.3	警告	ZoneO-soft	-	phpTrafficA の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3426	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212131	5.4	MEDIUM Network	themeboy	sportspress	The SportsPress plugin before 2.7.2 for WordPress allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-13892	2024-11-21 14:02	2020-06-10	Show	GitHub Exploit DB Packet Storm

212132	4.8	MEDIUM Network	opencart	opencart	OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists becau…	CWE-79 Cross-site Scripting	CVE-2020-13980	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212133	7.2	HIGH Network	monstra	monstra_cms	Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the …	CWE-78 OS Command	CVE-2020-13978	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212134	4.9	MEDIUM Network	nagios fedoraproject	nagios fedora	Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of t…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2020-13977	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212135	8.8	HIGH Network	dd-wrt	dd-wrt	An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation…	CWE-78 OS Command	CVE-2020-13976	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212136	7.8	HIGH Local	linux debian canonical	linux_kernel debian_linux ubuntu_linux	An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in th…	CWE-190 Integer Overflow or Wraparound	CVE-2020-13974	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212137	6.1	MEDIUM Network	owasp	json-sanitizer	OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls a substring of the input JSON, and controls another substring adjacent to a SCRIPT element in which the output is embedded as Ja…	CWE-79 Cross-site Scripting	CVE-2020-13973	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212138	6.1	MEDIUM Network	roundcube debian fedoraproject	webmail debian_linux fedora	An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview.	CWE-79 Cross-site Scripting	CVE-2020-13965	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212139	6.1	MEDIUM Network	roundcube fedoraproject debian	webmail fedora debian_linux	An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object.	CWE-79 Cross-site Scripting	CVE-2020-13964	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm

212140	7.5	HIGH Network	mumble qt fedoraproject opensuse	mumble qt fedora leap	Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors le…	NVD-CWE-noinfo	CVE-2020-13962	2024-11-21 14:02	2020-06-9	Show	GitHub Exploit DB Packet Storm