Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231371	10	危険	PhpWiki	-	PhpWiki の lib/WikiUser/LDAP.php における認証を回避される脆弱性	-	CVE-2007-3193	2012-12-20 18:19	2007-06-12	Show	GitHub Exploit DB Packet Storm

231372	6.8	警告	vincent hor	-	Calendarix における SQL インジェクションの脆弱性	-	CVE-2007-3183	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231373	4.3	警告	vincent hor	-	Calendarix におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3182	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231374	7.5	危険	zindizayn okul web sistemi	-	Zindizayn Okul Web Sistemi における SQL インジェクションの脆弱性	-	CVE-2007-3178	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231375	7.5	危険	w2b	-	W2B Online Banking における SQL インジェクションの脆弱性	-	CVE-2007-3175	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231376	4.3	警告	w2b	-	W2B Online Banking の auth.w2b におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3174	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231377	5	警告	uebimiau	-	Uebimiau Webmail の demo/pop3/error.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3172	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231378	5	警告	uebimiau	-	Uebimiau Webmail における重要な情報を取得される脆弱性	-	CVE-2007-3171	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231379	4.3	警告	uebimiau	-	Uebimiau Webmail におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3170	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231380	7.6	危険	VIVOTEK Inc.	-	MjpegDecoder.dll の Vivotek Motion Jpeg ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3167	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211191	8.8	HIGH Network	munkireport_project	munkireport	A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data.	CWE-89 SQL Injection	CVE-2020-15884	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211192	6.1	MEDIUM Network	managedinstalls_project	managedinstalls	A Cross-Site Scripting (XSS) vulnerability in the managedinstalls module before 2.6 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the last two URL parameters (thr…	CWE-79 Cross-site Scripting	CVE-2020-15883	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211193	8.1	HIGH Network	munkireport_project	munkireport	A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database.	CWE-352 Origin Validation Error	CVE-2020-15882	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211194	6.1	MEDIUM Network	munki_facts_project	munki_facts	A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module before 1.5 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name.	CWE-79 Cross-site Scripting	CVE-2020-15881	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211195	8.8	HIGH Network	embedthis	goahead	The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via c…	CWE-294 Authentication Bypass by Capture-replay	CVE-2020-15688	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211196	7.5	HIGH Network	cauldrondevelopment	c\!	tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive.	CWE-22 Path Traversal	CVE-2020-15908	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211197	7.8	HIGH Local	pypi	bsdiff4	A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.	CWE-787 Out-of-bounds Write	CVE-2020-15904	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211198	6.1	MEDIUM Network	nagios	nagios_xi	Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option.	CWE-79 Cross-site Scripting	CVE-2020-15902	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211199	8.8	HIGH Network	nagios	nagios_xi	In Nagios XI before 5.7.3, ajaxhelper.php allows remote authenticated attackers to execute arbitrary commands via cmdsubsys.	NVD-CWE-noinfo	CVE-2020-15901	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

211200	6.1	MEDIUM Network	dlink	dir-816l_firmware	An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the we…	CWE-79 Cross-site Scripting	CVE-2020-15895	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm