Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231751	10	危険	Vonage	-	Vonage VoIP Telephone Adapter における管理アクセス権限を取得される脆弱性	-	CVE-2007-3047	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

231752	4.3	警告	シマンテック	-	Symantec Client Security および SAV CE などで使用される Symantec Reporting Server における総当たり攻撃を実行される脆弱性	-	CVE-2007-3022	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

231753	7.5	危険	シマンテック	-	Symantec Client Security および SAV CE などで使用される Symantec Reporting Server における任意の実行可能なファイルを作成される脆弱性	-	CVE-2007-3021	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

231754	9.3	危険	zenturi	-	Zenturi ProgramChecker の sasatl.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2987	2012-12-20 18:19	2007-06-1	Show	GitHub Exploit DB Packet Storm

231755	7.8	危険	techno dreams	-	Techno Dreams Web Directory / Search Engine におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-2979	2012-12-20 18:19	2007-05-31	Show	GitHub Exploit DB Packet Storm

231756	7.5	危険	Wanewsletter	-	WAnewsletter の newsletter.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2969	2012-12-20 18:19	2007-05-31	Show	GitHub Exploit DB Packet Storm

231757	7.5	危険	scallywag.org	-	Scallywag におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2960	2012-12-20 18:19	2007-05-31	Show	GitHub Exploit DB Packet Storm

231758	6.8	警告	sylpheed-claws Sylpheed	-	Sylpheed および Sylpheed-Claws の src/inc.c におけるフォーマットストリングの脆弱性	-	CVE-2007-2958	2012-12-20 18:19	2007-08-27	Show	GitHub Exploit DB Packet Storm

231759	6.8	警告	シマンテック	-	Norton AntiVirus などの製品で使用される NavComUI.dll における任意のコードを実行される脆弱性	-	CVE-2007-2955	2012-12-20 18:19	2007-08-9	Show	GitHub Exploit DB Packet Storm

231760	5	警告	rmforum	-	RMForum におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-2945	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211031	6.1	MEDIUM Network	homeautomation_project	homeautomation	In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an …	CWE-601 Open Redirect	CVE-2020-21998	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

211032	8.8	HIGH Network	homeautomation_project	homeautomation	HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to ve…	CWE-352 Origin Validation Error	CVE-2020-21989	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

211033	6.1	MEDIUM Network	homeautomation_project	homeautomation	HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being…	CWE-79 Cross-site Scripting	CVE-2020-21987	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

211034	4.8	MEDIUM Network	x2engine	x2crm	Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fiel…	CWE-79 Cross-site Scripting	CVE-2020-21088	2024-11-21 14:12	2021-04-14	Show	GitHub Exploit DB Packet Storm

211035	6.1	MEDIUM Network	x2engine	x2crm	Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Modul…	CWE-79 Cross-site Scripting	CVE-2020-21087	2024-11-21 14:12	2021-04-14	Show	GitHub Exploit DB Packet Storm

211036	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduse…	CWE-352 Origin Validation Error	CVE-2020-21884	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

211037	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.	CWE-78 OS Command	CVE-2020-21883	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

211038	4.3	MEDIUM Network	wuzhicms	wuzhicms	Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter.	CWE-22 Path Traversal	CVE-2020-21590	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

211039	5.5	MEDIUM Local	coreftp	core_ftp	Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.	CWE-120 Classic Buffer Overflow	CVE-2020-21588	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

211040	9.8	CRITICAL Network	emlog	emlog	Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-21585	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm