Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245301	5	警告	assetman	-	AssetMan の download_pdf.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1427	2012-06-26 15:46	2007-03-12	Show	GitHub Exploit DB Packet Storm

245302	7.8	危険	astrocam	-	AstroCam の Web インターフェースにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-1426	2012-06-26 15:46	2007-03-12	Show	GitHub Exploit DB Packet Storm

245303	7.5	危険	duyuru scripti	-	fystyq Duyuru Scripti の goster.asp における SQL インジェクションの脆弱性	-	CVE-2007-1422	2012-06-26 15:46	2007-03-12	Show	GitHub Exploit DB Packet Storm

245304	10	危険	Coppermine Photo Gallery	-	CPG における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1414	2012-06-26 15:46	2007-03-12	Show	GitHub Exploit DB Packet Storm

245305	7.5	危険	gaziyapboz	-	GaziYapBoz Game Portal の kategori.asp における SQL インジェクションの脆弱性	-	CVE-2007-1410	2012-06-26 15:46	2007-03-10	Show	GitHub Exploit DB Packet Storm

245306	10	危険	edgewall	-	Trac における詳細不明な脆弱性	-	CVE-2007-1406	2012-06-26 15:46	2007-03-10	Show	GitHub Exploit DB Packet Storm

245307	10	危険	fish	-	FiSH の ExtractRnick 関数におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1397	2012-06-26 15:46	2007-03-10	Show	GitHub Exploit DB Packet Storm

245308	10	危険	flat chat	-	Flat Chat の startsession.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1394	2012-06-26 15:46	2007-03-10	Show	GitHub Exploit DB Packet Storm

245309	10	危険	geo soft	-	Magic CMS の mysave.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1393	2012-06-26 15:46	2007-03-10	Show	GitHub Exploit DB Packet Storm

245310	4.3	警告	dynaliens	-	dynaliens におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1390	2012-06-26 15:46	2007-03-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219801	6.1	MEDIUM Network	snapappointments	bootstrap-select	bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser.	CWE-79 Cross-site Scripting	CVE-2019-20921	2024-11-21 13:39	2020-10-1	Show	GitHub Exploit DB Packet Storm

219802	8.1	HIGH Network	handlebarsjs	handlebars	Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arb…	CWE-94 Code Injection	CVE-2019-20920	2024-11-21 13:39	2020-10-1	Show	GitHub Exploit DB Packet Storm

219803	4.7	MEDIUM Local	perl fedoraproject canonical debian opensuse	dbi fedora ubuntu_linux debian_linux leap	An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causi…	CWE-476 NULL Pointer Dereference	CVE-2019-20919	2024-11-21 13:39	2020-09-18	Show	GitHub Exploit DB Packet Storm

219804	6.5	MEDIUM Network	inspircd	inspircd	An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user ab…	CWE-416 Use After Free	CVE-2019-20918	2024-11-21 13:39	2020-09-11	Show	GitHub Exploit DB Packet Storm

219805	6.5	MEDIUM Network	inspircd debian	inspircd debian_linux	An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with …	CWE-476 NULL Pointer Dereference	CVE-2019-20917	2024-11-21 13:39	2020-09-11	Show	GitHub Exploit DB Packet Storm

219806	7.5	HIGH Network	pypa opensuse debian oracle	pip leap debian_linux communications_cloud_native_core_policy communications_cloud_native_core_network_function_cloud_native_environment	The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwr…	CWE-22 Path Traversal	CVE-2019-20916	2024-11-21 13:39	2020-09-5	Show	GitHub Exploit DB Packet Storm

219807	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.	CWE-125 Out-of-bounds Read	CVE-2019-20915	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

219808	9.8	CRITICAL Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.	CWE-476 NULL Pointer Dereference	CVE-2019-20914	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

219809	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.	CWE-125 Out-of-bounds Read	CVE-2019-20913	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

219810	8.8	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.	CWE-787 Out-of-bounds Write	CVE-2019-20912	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm