Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231461 10 危険 stephen craton - Stephen Craton Chatness の admin/options.php における classes/vars.php などの設定ファイルを読まれる脆弱性 - CVE-2007-2147 2012-12-20 18:19 2007-04-19 Show GitHub Exploit DB Packet Storm
231462 7.5 危険 shoutpro - ShoutPro の shoutbox.php における shouts.php へ任意の PHP コードを挿入される脆弱性 - CVE-2007-2141 2012-12-20 18:19 2007-04-19 Show GitHub Exploit DB Packet Storm
231463 7.5 危険 rha7 downloads - XOOPS 用の rha7downloads モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-2107 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
231464 6.8 警告 wabbit - Wabbit PHP Gallery の showpic.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2098 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
231465 7.5 危険 tsdisplay4xoops - TSD4XOOPS の blocks/tsdisplay4xoops_block2.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2091 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
231466 6.8 警告 tumusika evolution - TuMusika Evolution の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2090 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
231467 7.5 危険 pl-php - pL-PHP の admin.php における認証を回避される脆弱性 - CVE-2007-2007 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
231468 7.5 危険 pl-php - pL-PHP の login.php における SQL インジェクションの脆弱性 - CVE-2007-2006 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
231469 7.5 危険 raphael limbach - Crea-Book の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2000 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
231470 4.3 警告 Youngzsoft - CmailServer WebMail の mail/signup.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1991 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211421 8.1 HIGH
Network 		bt_ctroms_terminal_project bt_ctroms_terminal An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp req… CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
 Insufficiently Protected Credentials 		CVE-2020-14930 2024-11-21 14:04 2020-06-20 Show GitHub Exploit DB Packet Storm
211422 7.5 HIGH
Network 		alpine_project
fedoraproject
debian 		alpine
fedora
debian_linux 		Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the… NVD-CWE-Other
CVE-2020-14929 2024-11-21 14:04 2020-06-20 Show GitHub Exploit DB Packet Storm
211423 4.8 MEDIUM
Network 		naviwebs navigate_cms Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen. CWE-79
Cross-site Scripting 		CVE-2020-14927 2024-11-21 14:04 2020-06-20 Show GitHub Exploit DB Packet Storm
211424 5.4 MEDIUM
Network 		cmsmadesimple cms_made_simple CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager page. CWE-79
Cross-site Scripting 		CVE-2020-14926 2024-11-21 14:04 2020-06-20 Show GitHub Exploit DB Packet Storm
211425 3.2 LOW
Local 		qemu
fedoraproject
redhat 		qemu
fedora
extra_packages_for_enterprise_linux
enterprise_linux
openstack_platform 		An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the … CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-14394 2024-11-21 14:03 2022-08-18 Show GitHub Exploit DB Packet Storm
211426 5.6 MEDIUM
Local 		redhat jboss_a-mq A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure. CWE-611
XXE 		CVE-2020-14379 2024-11-21 14:03 2022-08-17 Show GitHub Exploit DB Packet Storm
211427 7.5 HIGH
Network 		moodle moodle In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-14322 2024-11-21 14:03 2022-08-17 Show GitHub Exploit DB Packet Storm
211428 8.8 HIGH
Network 		moodle moodle In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course. CWE-863
 Incorrect Authorization 		CVE-2020-14321 2024-11-21 14:03 2022-08-17 Show GitHub Exploit DB Packet Storm
211429 6.1 MEDIUM
Network 		moodle moodle In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk. CWE-79
Cross-site Scripting 		CVE-2020-14320 2024-11-21 14:03 2022-08-17 Show GitHub Exploit DB Packet Storm
211430 9.8 CRITICAL
Network 		mitsubishielectric m_commdtm-hart
gx_works3
gx_works2
gx_logviewer
gt_softgot2000
gt_softgot1000
gt_designer3
fr_configurator2
ezsocket
data_transfer
cw_configurator
cpu_module_logging_… 		Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and e… NVD-CWE-noinfo
CVE-2020-14496 2024-11-21 14:03 2022-05-20 Show GitHub Exploit DB Packet Storm