Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231281 3.5 注意 plain black - Plain Black WebGUI の lib/WebGUI/Asset/Wobject/DataForm.pm における重要な情報を取得される脆弱性 - CVE-2007-2746 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231282 4.3 警告 vdesk - vDesk Webmail の printcal.pl におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-2745 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231283 7.5 危険 precisionid barcode - PrecisionID_Barcode.dll の PrecisionID Barcode ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2744 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231284 6.8 警告 xajax-project - xajax における脆弱性 - CVE-2007-2740 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231285 4.3 警告 xajax-project - xajax におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2739 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231286 7.5 危険 XOOPS - XOOPS 用の Glossaire モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-2738 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231287 7.5 危険 XOOPS - Xoops 用の MyConference モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-2737 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231288 7.5 危険 touteresa - Xoops 用の ResManager モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-2735 2012-12-20 18:19 2007-05-17 Show GitHub Exploit DB Packet Storm
231289 10 危険 snaps gallery - Snaps! Gallery の Admin/users.php における任意のユーザ名を変更される脆弱性 - CVE-2007-2715 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
231290 10 危険 tinyirc - TinyIdentD におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2711 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211231 5.3 MEDIUM
Network 		node-fetch_project node-fetch node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get throw… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-15168 2024-11-21 14:04 2020-09-11 Show GitHub Exploit DB Packet Storm
211232 8.2 HIGH
Network 		linuxfoundation the_update_framework Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. This al… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2020-15163 2024-11-21 14:04 2020-09-10 Show GitHub Exploit DB Packet Storm
211233 8.6 HIGH
Local 		johnkerl miller In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc`… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-15167 2024-11-21 14:04 2020-09-3 Show GitHub Exploit DB Packet Storm
211234 8.8 HIGH
Network 		sensiolabs
fedoraproject 		httpclient
symfony
fedora 		In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X… - CVE-2020-15094 2024-11-21 14:04 2020-09-3 Show GitHub Exploit DB Packet Storm
211235 9.8 CRITICAL
Network 		duffel paginator There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function. This will potentially aff… - CVE-2020-15150 2024-11-21 14:04 2020-09-2 Show GitHub Exploit DB Packet Storm
211236 5.4 MEDIUM
Network 		elementor website_builder An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. An authenticated attacker can achieve stored XSS via the Name Your Template field. CWE-79
Cross-site Scripting 		CVE-2020-15020 2024-11-21 14:04 2020-08-31 Show GitHub Exploit DB Packet Storm
211237 7.6 HIGH
Network 		basercms basercms baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) and Remote Code Execution (RCE). This may be executed by logging in as a system administrator and uploading an executable script f… - CVE-2020-15159 2024-11-21 14:04 2020-08-29 Show GitHub Exploit DB Packet Storm
211238 7.3 HIGH
Network 		basercms basercms baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components is toolbar.php. Th… - CVE-2020-15155 2024-11-21 14:04 2020-08-29 Show GitHub Exploit DB Packet Storm
211239 7.3 HIGH
Network 		basercms basercms baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components are: content_field… CWE-79
Cross-site Scripting 		CVE-2020-15154 2024-11-21 14:04 2020-08-29 Show GitHub Exploit DB Packet Storm
211240 9.1 CRITICAL
Network 		chameleon_mini_live_debugger_project chameleon_mini_live_debugger Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had it's sources or permissions tampered by a malicious actor. The official maintainer of the package is recommending … - CVE-2020-15165 2024-11-21 14:04 2020-08-29 Show GitHub Exploit DB Packet Storm