Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248881	4.3	警告	アップル PNG Development Group サン・マイクロシステムズ	-	libpng の pngset.c における一つずれエラーの脆弱性	CWE-189 数値処理の問題	CVE-2007-5266	2012-04-18 18:51	2007-10-18	Show	GitHub Exploit DB Packet Storm

248882	4.3	警告	アップルサイバートラスト株式会社 PNG Development Group サン・マイクロシステムズ VMware レッドハット	-	libpng における初期化されていないメモリ内の情報の一部を読まれる脆弱性	CWE-200 情報漏えい	CVE-2009-2042	2012-04-18 18:50	2009-06-12	Show	GitHub Exploit DB Packet Storm

248883	7.5	危険	アップルサイバートラスト株式会社 PNG Development Group サン・マイクロシステムズレッドハット	-	libpng の PNG ファイル処理における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2008-1382	2012-04-18 17:58	2008-04-14	Show	GitHub Exploit DB Packet Storm

248884	5	警告	アップルサイバートラスト株式会社 PNG Development Group サン・マイクロシステムズレッドハット	-	libpng の複数のチャンクハンドラにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-5269	2012-04-18 17:57	2007-10-8	Show	GitHub Exploit DB Packet Storm

248885	6.8	警告	ニュートンアップルサイバートラスト株式会社 Mozilla Foundation PNG Development Group サン・マイクロシステムズフェンリル株式会社レッドハット	-	libpng が適切にエレメントポインタを初期化しない脆弱性	CWE-94 コード・インジェクション	CVE-2009-0040	2012-04-18 17:54	2009-03-4	Show	GitHub Exploit DB Packet Storm

248886	4.3	警告	サン・マイクロシステムズ PNG Development Group	-	libpng におけるサービス運用妨害 (DoS) 状態の脆弱性	CWE-399 リソース管理の問題	CVE-2008-3964	2012-04-18 17:52	2008-09-11	Show	GitHub Exploit DB Packet Storm

248887	4.3	警告	フォーティネット Panda Security Doctor Web アラジン	-	複数の製品の ELF ファイルパーサにおけるマルウェア検知を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1447	2012-04-18 17:38	2012-03-21	Show	GitHub Exploit DB Packet Storm

248888	6.8	警告	Squid-cache.org	-	Gopher の gopherToHTML 関数におけるバッファオーバーフローの脆弱性	CWE-DesignError	CVE-2011-3205	2012-04-18 17:28	2011-08-28	Show	GitHub Exploit DB Packet Storm

248889	7.8	危険	マイクロソフト日本電気	-	Microsoft .NET Framework におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3414	2012-04-18 17:07	2011-12-29	Show	GitHub Exploit DB Packet Storm

248890	5	警告	リアルネットワークス	-	RealNetworks Helix Server および Helix Mobile Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-2268	2012-04-18 15:30	2012-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198841	9.8	CRITICAL Network	spritesheet-js_project	spritesheet-js	This affects all versions of package spritesheet-js. It depends on a vulnerable package platform-command. The injection point is located in line 32 in lib/generator.js, which is triggered by main ent…	CWE-78 OS Command	CVE-2020-7782	2024-11-21 14:37	2021-02-9	Show	GitHub Exploit DB Packet Storm

198842	9.8	CRITICAL Network	freediskspace_project	freediskproject	This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js.	CWE-78 OS Command	CVE-2020-7775	2024-11-21 14:37	2021-02-3	Show	GitHub Exploit DB Packet Storm

198843	5.5	MEDIUM Local	mcafee	agent	Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The …	CWE-862 Missing Authorization	CVE-2020-7343	2024-11-21 14:37	2021-01-18	Show	GitHub Exploit DB Packet Storm

198844	9.8	CRITICAL Network	buns_project	buns	This affects all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).	CWE-78 OS Command	CVE-2020-7794	2024-11-21 14:37	2021-01-8	Show	GitHub Exploit DB Packet Storm

198845	9.8	CRITICAL Network	ts-process-promises_project	ts-process-promises	This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js. The vulnerability is demonstrated with the fol…	CWE-78 OS Command	CVE-2020-7784	2024-11-21 14:37	2021-01-8	Show	GitHub Exploit DB Packet Storm

198846	6.5	MEDIUM Network	mcafee	network_security_management	Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network …	CWE-352 Origin Validation Error	CVE-2020-7336	2024-11-21 14:37	2021-01-6	Show	GitHub Exploit DB Packet Storm

198847	9.8	CRITICAL Network	asciitable.js_project	asciitable.js	The package asciitable.js before 1.0.3 are vulnerable to Prototype Pollution via the main function.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2020-7771	2024-11-21 14:37	2021-01-4	Show	GitHub Exploit DB Packet Storm

198848	9.8	CRITICAL Network	jiransecurity	spamsniper	Spamsniper 5.0 ~ 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command. It leads remote attacker to execute arbitrary code via cr…	CWE-787 Out-of-bounds Write	CVE-2020-7845	2024-11-21 14:37	2020-12-27	Show	GitHub Exploit DB Packet Storm

198849	8.8	HIGH Network	onstove	stove	A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. T…	CWE-20 Improper Input Validation	CVE-2020-7838	2024-11-21 14:37	2020-12-18	Show	GitHub Exploit DB Packet Storm

198850	9.8	CRITICAL Network	connection-tester_project	connection-tester	This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. The following PoC demonstrates the vulnerability:	CWE-78 OS Command	CVE-2020-7781	2024-11-21 14:37	2020-12-17	Show	GitHub Exploit DB Packet Storm