Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231391	7.5	危険	rfactor	-	Image Space rFactor におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4445	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

231392	7.5	危険	rfactor	-	Image Space rFactor におけるバッファオーバーフローの脆弱性	-	CVE-2007-4444	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

231393	7.5	危険	Pegasus Mail	-	Mercury Mail Transport System の MercuryS SMTP サーバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4440	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

231394	7.5	危険	torrenttrader	-	TorrentTrader における SQL インジェクションの脆弱性	-	CVE-2007-4435	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

231395	4.6	警告	SUSE	-	SUSE Linux 上で稼動する rug プログラム用などの wrapper スクリプトにおける権限を取得される脆弱性	-	CVE-2007-4432	2012-12-20 18:33	2007-08-17	Show	GitHub Exploit DB Packet Storm

231396	5	警告	Skype Technologies S.A.	-	Skype におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2007-4429	2012-12-20 18:33	2007-08-20	Show	GitHub Exploit DB Packet Storm

231397	4.3	警告	universal ircd	-	ircu における任意の +x ユーザの隠された IP アドレスを特定される脆弱性	-	CVE-2007-4411	2012-12-20 18:33	2007-08-18	Show	GitHub Exploit DB Packet Storm

231398	6	警告	universal ircd	-	ircu における kick または de-op アクションを制限されない脆弱性	-	CVE-2007-4410	2012-12-20 18:33	2007-08-18	Show	GitHub Exploit DB Packet Storm

231399	5.1	警告	universal ircd	-	ircu における新規の Apass を設定される脆弱性	-	CVE-2007-4409	2012-12-20 18:33	2007-08-18	Show	GitHub Exploit DB Packet Storm

231400	5	警告	universal ircd	-	ircu における netjoin 時にチャンネルを乗っ取られる脆弱性	-	CVE-2007-4408	2012-12-20 18:33	2007-08-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210501	9.8	CRITICAL Network	ave	dominaplus 53ab-wbs_firmware ts01_firmware ts03x-v_firmware ts04x-v_firmware ts05_firmware ts05n-v_firmware	AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the auto…	CWE-287 Improper Authentication	CVE-2020-21991	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

210502	6.1	MEDIUM Network	homeautomation_project	homeautomation	In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an …	CWE-601 Open Redirect	CVE-2020-21998	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

210503	8.8	HIGH Network	homeautomation_project	homeautomation	HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to ve…	CWE-352 Origin Validation Error	CVE-2020-21989	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

210504	6.1	MEDIUM Network	homeautomation_project	homeautomation	HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being…	CWE-79 Cross-site Scripting	CVE-2020-21987	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

210505	4.8	MEDIUM Network	x2engine	x2crm	Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fiel…	CWE-79 Cross-site Scripting	CVE-2020-21088	2024-11-21 14:12	2021-04-14	Show	GitHub Exploit DB Packet Storm

210506	6.1	MEDIUM Network	x2engine	x2crm	Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Modul…	CWE-79 Cross-site Scripting	CVE-2020-21087	2024-11-21 14:12	2021-04-14	Show	GitHub Exploit DB Packet Storm

210507	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduse…	CWE-352 Origin Validation Error	CVE-2020-21884	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

210508	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.	CWE-78 OS Command	CVE-2020-21883	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

210509	4.3	MEDIUM Network	wuzhicms	wuzhicms	Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter.	CWE-22 Path Traversal	CVE-2020-21590	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

210510	5.5	MEDIUM Local	coreftp	core_ftp	Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.	CWE-120 Classic Buffer Overflow	CVE-2020-21588	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm