Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231761 6.8 警告 webavis - Webavis の class/class.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2943 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
231762 7.5 危険 troforum - TROforum の admin/admin.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2937 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
231763 10 危険 リアルネットワークス - RealNetworks GameHouse dldisplay ActiveX コントロール におけるバッファオーバーフローの脆弱性 - CVE-2007-2924 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
231764 9.3 危険 zoomify - ZActiveX.dll の Zoomify Viewer ActiveX コントロールにおけるスタックベースのバッファーオーバーフローの脆弱性 - CVE-2007-2920 2012-12-20 18:19 2007-06-11 Show GitHub Exploit DB Packet Storm
231765 4.3 警告 rm easymail - RM EasyMail Plus におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2915 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
231766 4.3 警告 psychostats - PsychoStats におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2914 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
231767 4.9 警告 ssl-explorer - SSL-Explorer における JavaScript などを含むリダイレクト URL を入力される脆弱性 CWE-119
バッファエラー 		CVE-2007-2907 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
231768 5 警告 サン・マイクロシステムズ - Java Embedding プラグインにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2906 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
231769 4.3 警告 サン・マイクロシステムズ - Sun Java System Messaging Server におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2904 2012-12-20 18:19 2007-05-23 Show GitHub Exploit DB Packet Storm
231770 6.8 警告 scallywag.org - Scallywag における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2900 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211061 7.8 HIGH
Local 		pdfresurrect_project
debian
fedoraproject 		pdfresurrect
debian_linux
fedora 		PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version(). CWE-787
 Out-of-bounds Write 		CVE-2020-20740 2024-11-21 14:12 2020-11-21 Show GitHub Exploit DB Packet Storm
211062 5.3 MEDIUM
Network 		libvips
debian
fedoraproject 		libvips
debian_linux
fedora 		im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. CWE-909
 Missing Initialization of Resource 		CVE-2020-20739 2024-11-21 14:12 2020-11-21 Show GitHub Exploit DB Packet Storm
211063 7.2 HIGH
Network 		fastadmin fastadmin In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh. CWE-89
SQL Injection 		CVE-2020-21665 2024-11-21 14:12 2020-11-18 Show GitHub Exploit DB Packet Storm
211064 7.2 HIGH
Network 		fastadmin-tp6_project fastadmin-tp6 In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection. CWE-89
SQL Injection 		CVE-2020-21667 2024-11-21 14:12 2020-11-14 Show GitHub Exploit DB Packet Storm
211065 6.1 MEDIUM
Network 		broadleafcommerce broadleaf_commerce Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-21266 2024-11-21 14:12 2020-10-29 Show GitHub Exploit DB Packet Storm
211066 6.5 MEDIUM
Network 		libarchive libarchive Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resul… CWE-787
 Out-of-bounds Write 		CVE-2020-21674 2024-11-21 14:12 2020-10-16 Show GitHub Exploit DB Packet Storm
211067 8.8 HIGH
Network 		pluck-cms pluck An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-21564 2024-11-21 14:12 2020-10-1 Show GitHub Exploit DB Packet Storm
211068 7.7 HIGH
Network 		halo halo There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the background allows a user, when deleting their backup files, to delete any files on the system through direct… CWE-22
Path Traversal 		CVE-2020-21527 2024-11-21 14:12 2020-10-1 Show GitHub Exploit DB Packet Storm
211069 9.8 CRITICAL
Network 		halo halo An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith func… CWE-22
Path Traversal 		CVE-2020-21526 2024-11-21 14:12 2020-10-1 Show GitHub Exploit DB Packet Storm
211070 7.5 HIGH
Network 		halo halo Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function … CWE-22
Path Traversal 		CVE-2020-21525 2024-11-21 14:12 2020-10-1 Show GitHub Exploit DB Packet Storm