Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231821	6.8	警告	skulltag team	-	Huffman 解凍アルゴリズムにおけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-4537	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

231822	4.6	警告	torrenttrader	-	TorrentTrader における任意の PHP コードを実行される脆弱性	-	CVE-2007-4536	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231823	4.3	警告	vavoom	-	Vavoom の str.cpp におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4535	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231824	7.5	危険	vavoom	-	Vavoom の p_thinker.cpp におけるバッファオーバーフローの脆弱性	-	CVE-2007-4534	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231825	6.8	警告	vavoom	-	Vavoom の sv_main.cpp におけるフォーマットストリングの脆弱性	-	CVE-2007-4533	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231826	4.3	警告	TeamSpeak Systems GmbH	-	TeamSpeak Server におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4530	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231827	8.5	危険	TeamSpeak Systems GmbH	-	TeamSpeak Server の WebAdmin インターフェースにおける登録したユーザに特定の権限を割り当てられる脆弱性	-	CVE-2007-4529	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231828	7.5	危険	phphq	-	phphq.Net phUploader の phUploader.php における任意のコードをアップロードされる脆弱性	-	CVE-2007-4527	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231829	7.5	危険	phpress	-	PhPress の adisplay.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-4524	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

231830	3.5	注意	ripe website manager	-	Ripe Website Manager におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4523	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210801	6.1	MEDIUM Network	osticket	osticket	osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.	CWE-79 Cross-site Scripting	CVE-2020-24917	2024-11-21 14:16	2020-08-31	Show	GitHub Exploit DB Packet Storm

210802	8.8	HIGH Network	kleopatra_project fedoraproject opensuse	kleopatra fedora leap backports_sle	The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line o…	CWE-116 Improper Encoding or Escaping of Output	CVE-2020-24972	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210803	5.3	MEDIUM Network	premid	premid	managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information.	CWE-862 Missing Authorization	CVE-2020-24928	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210804	6.5	MEDIUM Network	stiltsoft	table_filter_and_charts_for_confluence_server	The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24898	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210805	8.9	HIGH Network	stiltsoft	table_filter_and_charts_for_confluence_server	The Table Filter and Charts for Confluence Server app before 5.3.25 (for Atlassian Confluence) allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting (XSS) through the…	CWE-79 Cross-site Scripting	CVE-2020-24897	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210806	9.8	CRITICAL Network	mpxj oracle	mpxj primavera_unifier	MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components.	CWE-611 XXE	CVE-2020-25020	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210807	7.5	HIGH Network	jitsi	meet_electron	jitsi-meet-electron (aka Jitsi Meet Electron) before 2.3.0 calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances.	CWE-345 Insufficient Verification of Data Authenticity	CVE-2020-25019	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210808	9.1	CRITICAL Network	rgb-rust_project	rgb-rust	A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because stru…	CWE-119 CWE-843 Incorrect Access of Indexable Resource ('Range Error') Type Confusion	CVE-2020-25016	2024-11-21 14:16	2020-08-30	Show	GitHub Exploit DB Packet Storm

210809	7.8	HIGH Local	br-automation	automation_studio automation_net\/pvi	Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Auto…	-	CVE-2020-24682	2024-11-21 14:15	2024-02-2	Show	GitHub Exploit DB Packet Storm

210810	8.8	HIGH Local	br-automation	automation_studio	Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation Automation Studio allows Privilege Escalation.This issue affects Automation Studio: from 4.6.0 through…	-	CVE-2020-24681	2024-11-21 14:15	2024-02-2	Show	GitHub Exploit DB Packet Storm