Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231391 6.8 警告 w1l3d4 - W1L3D4 WEBmarket の urunbak.asp における SQL インジェクションの脆弱性 - CVE-2007-3133 2012-12-20 18:19 2007-06-8 Show GitHub Exploit DB Packet Storm
231392 5 警告 シマンテック - Symantec Ghost Solution Suite におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3132 2012-12-20 18:19 2007-06-5 Show GitHub Exploit DB Packet Storm
231393 4.3 警告 publicwarehouse - Light Blog の add_comment.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3131 2012-12-20 18:19 2007-06-8 Show GitHub Exploit DB Packet Storm
231394 2.6 注意 Utopia Software - Utopia News Pro の login.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3129 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
231395 5 警告 The GIMP Team - Gimp におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3126 2012-12-20 18:19 2007-06-7 Show GitHub Exploit DB Packet Storm
231396 7.5 危険 zapping - Zapping VBI Library の zvbi-ntsc-cc ツールにおけるバッファオーバーフローの脆弱性 - CVE-2007-3121 2012-12-20 18:19 2007-06-7 Show GitHub Exploit DB Packet Storm
231397 6.8 警告 The Cacti Group - Cacti におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3113 2012-12-20 18:19 2007-05-22 Show GitHub Exploit DB Packet Storm
231398 7.8 危険 The Cacti Group - Cacti におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3112 2012-12-20 18:19 2007-05-22 Show GitHub Exploit DB Packet Storm
231399 9 危険 シマンテック - Symantec Client Security および SAV CE などで使用される Symantec Reporting Server における "認証システムを無効にされる" 脆弱性 - CVE-2007-3095 2012-12-20 18:19 2007-06-5 Show GitHub Exploit DB Packet Storm
231400 7.8 危険 rainbowsoft - Z-Blog におけるデータベースをダウンロードされる脆弱性 - CVE-2007-3083 2012-12-20 18:19 2007-06-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199111 7.5 HIGH
Network 		citrix application_delivery_controller_firmware
netscaler_gateway_firmware 		Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. CWE-20
 Improper Input Validation  		CVE-2020-8187 2024-11-21 14:38 2020-07-11 Show GitHub Exploit DB Packet Storm
199112 9.8 CRITICAL
Network 		devcert_project devcert A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input to the `certificateFor` function. CWE-78
OS Command  		CVE-2020-8186 2024-11-21 14:38 2020-07-11 Show GitHub Exploit DB Packet Storm
199113 4.3 MEDIUM
Network 		nextcloud contacts A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-8181 2024-11-21 14:38 2020-07-11 Show GitHub Exploit DB Packet Storm
199114 9.8 CRITICAL
Network 		phpzag phpzag SQL injection with start and length parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql CWE-89
SQL Injection 		CVE-2020-8521 2024-11-21 14:38 2020-07-8 Show GitHub Exploit DB Packet Storm
199115 9.8 CRITICAL
Network 		phpzag phpzag SQL injection in order and column parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql CWE-89
SQL Injection 		CVE-2020-8520 2024-11-21 14:38 2020-07-8 Show GitHub Exploit DB Packet Storm
199116 9.8 CRITICAL
Network 		phpzag phpzag SQL injection with the search parameter in Records.php for phpzag live add edit delete data tables records with ajax php mysql CWE-89
SQL Injection 		CVE-2020-8519 2024-11-21 14:38 2020-07-8 Show GitHub Exploit DB Packet Storm
199117 8.8 HIGH
Network 		ui unifi_protect_firmware We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Pr… CWE-78
OS Command  		CVE-2020-8188 2024-11-21 14:38 2020-07-3 Show GitHub Exploit DB Packet Storm
199118 6.5 MEDIUM
Network 		rubyonrails
fedoraproject 		rails
fedora 		A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8185 2024-11-21 14:38 2020-07-3 Show GitHub Exploit DB Packet Storm
199119 4.1 MEDIUM
Network 		nextcloud deck Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks. CWE-269
 Improper Privilege Management 		CVE-2020-8179 2024-11-21 14:38 2020-07-3 Show GitHub Exploit DB Packet Storm
199120 6.1 MEDIUM
Network 		shopify koa-shopify-auth A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the `shop` parameter on the `/shopify/auth/enable_cookies` endpoint. CWE-79
Cross-site Scripting 		CVE-2020-8176 2024-11-21 14:38 2020-07-3 Show GitHub Exploit DB Packet Storm