Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248591 4.3 警告 Intermesh - Group-Office における重要な情報を取得される脆弱性 - CVE-2007-2720 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
248592 6.8 警告 eqdkp - EQdkp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2716 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
248593 7.5 危険 feindt computerservice - News-Script の newsadmin.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2708 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
248594 7.5 危険 Geeklog - Media Gallery の maint/ftpmedia.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2706 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
248595 7.8 危険 BEAシステムズ - BEA WebLogic Integration の Test View Console におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2705 2012-06-26 15:46 2007-05-15 Show GitHub Exploit DB Packet Storm
248596 3.6 注意 BEAシステムズ - BEA WebLogic Portal GA における特権を有するリソースへアクセスされる脆弱性 - CVE-2007-2703 2012-06-26 15:46 2007-05-15 Show GitHub Exploit DB Packet Storm
248597 3.5 注意 BEAシステムズ - BEA WebLogic Portal GA の GroupSpace アプリケーションにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2702 2012-06-26 15:46 2007-05-15 Show GitHub Exploit DB Packet Storm
248598 7.5 危険 アップル
アドビシステムズ		 - Adobe CS3 で使用される Adobe Version Cue CS3 Server のインストーラにおけるファイアウォールルールを回避される脆弱性 - CVE-2007-2682 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
248599 7.5 危険 b2evolution - b2evolution の blogs/index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2681 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
248600 7.5 危険 censura - Censura の includes/funcs_vendors.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2673 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210281 8.1 HIGH
Network 		bouncycastle
apache
oracle 		legion-of-the-bouncy-castle-java-crytography-api
karaf
peoplesoft_enterprise_peopletools
webcenter_portal
utilities_framework
banking_extensibility_workbench
banking_virtual_account… 		An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect pas… NVD-CWE-Other
CVE-2020-28052 2024-11-21 14:22 2020-12-18 Show GitHub Exploit DB Packet Storm
210282 7.3 HIGH
Network 		datatables datatables.net All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-28458 2024-11-21 14:22 2020-12-16 Show GitHub Exploit DB Packet Storm
210283 7.2 HIGH
Network 		alumni_management_system_project alumni_management_system A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28072 2024-11-21 14:22 2020-12-16 Show GitHub Exploit DB Packet Storm
210284 4.8 MEDIUM
Network 		s-cart s-cart This affects the package s-cart/core before 4.4. The search functionality of the admin dashboard in core/src/Admin/Controllers/AdminOrderController.phpindex is vulnerable to XSS. CWE-79
Cross-site Scripting 		CVE-2020-28457 2024-11-21 14:22 2020-12-16 Show GitHub Exploit DB Packet Storm
210285 6.1 MEDIUM
Network 		s-cart s-cart The package s-cart/core before 4.4 are vulnerable to Cross-site Scripting (XSS) via the admin panel. CWE-79
Cross-site Scripting 		CVE-2020-28456 2024-11-21 14:22 2020-12-16 Show GitHub Exploit DB Packet Storm
210286 5.5 MEDIUM
Local 		foxitsoftware foxit_reader
phantompdf 		An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial … CWE-476
 NULL Pointer Dereference 		CVE-2020-28203 2024-11-21 14:22 2020-12-15 Show GitHub Exploit DB Packet Storm
210287 9.8 CRITICAL
Network 		js-data js-data All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function. NVD-CWE-Other
CVE-2020-28442 2024-11-21 14:22 2020-12-15 Show GitHub Exploit DB Packet Storm
210288 7.3 HIGH
Network 		siemens sicam_a8000_cp-8000_firmware
sicam_a8000_cp-8021_firmware
sicam_a8000_cp-8022_firmware 		A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of t… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-28396 2024-11-21 14:22 2020-12-15 Show GitHub Exploit DB Packet Storm
210289 9.8 CRITICAL
Network 		corenlp-js-interface_project corenlp-js-interface All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function. CWE-78
OS Command  		CVE-2020-28440 2024-11-21 14:22 2020-12-12 Show GitHub Exploit DB Packet Storm
210290 9.8 CRITICAL
Network 		corenlp-js-prefab_project corenlp-js-prefab This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploi… CWE-78
OS Command  		CVE-2020-28439 2024-11-21 14:22 2020-12-12 Show GitHub Exploit DB Packet Storm