Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231241	9.3	危険	zoomify	-	ZActiveX.dll の Zoomify Viewer ActiveX コントロールにおけるスタックベースのバッファーオーバーフローの脆弱性	-	CVE-2007-2920	2012-12-20 18:19	2007-06-11	Show	GitHub Exploit DB Packet Storm

231242	4.3	警告	rm easymail	-	RM EasyMail Plus におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2915	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231243	4.3	警告	psychostats	-	PsychoStats におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2914	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231244	4.9	警告	ssl-explorer	-	SSL-Explorer における JavaScript などを含むリダイレクト URL を入力される脆弱性	CWE-119 バッファエラー	CVE-2007-2907	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231245	5	警告	サン・マイクロシステムズ	-	Java Embedding プラグインにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2906	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231246	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Messaging Server におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2904	2012-12-20 18:19	2007-05-23	Show	GitHub Exploit DB Packet Storm

231247	6.8	警告	scallywag.org	-	Scallywag における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2900	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231248	4.3	警告	シマンテック	-	Windows 上で稼動する Symantec ESM マネージャなどにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2896	2012-12-20 18:19	2007-05-24	Show	GitHub Exploit DB Packet Storm

231249	10	危険	サン・マイクロシステムズ	-	Sun Java Web Proxy Server の sockd におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2881	2012-12-20 18:19	2007-05-25	Show	GitHub Exploit DB Packet Storm

231250	7.8	危険	windy road	-	Vistered Little の skins/common.css.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2934	2012-12-20 18:19	2006-08-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294021	-	akunamachata oscommerce	paypal_express_module oscommerce	The PayPal Express module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…	CWE-20 Improper Input Validation	CVE-2012-5795	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294022	-	moneybookers oscommerce	moneybookers oscommerce	The MoneyBookers module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows m…	CWE-20 Improper Input Validation	CVE-2012-5794	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294023	-	oscommerce harald_ponce_de_leon	oscommerce authorize.net	The Authorize.Net module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows …	CWE-20 Improper Input Validation	CVE-2012-5793	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294024	-	oscommerce sagepay	oscommerce sage_pay_direct_module	The Sage Pay Direct module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allow…	CWE-20 Improper Input Validation	CVE-2012-5792	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294025	-	paypal	invoicing	PayPal Invoicing does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle atta…	CWE-20 Improper Input Validation	CVE-2012-5791	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294026	-	paypal	payments_standard	PayPal Payments Standard PHP Library 20120427 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which …	CWE-20 Improper Input Validation	CVE-2012-5790	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294027	-	paypal	payments_standard	PayPal Payments Standard PHP Library before 20120427 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate,…	CWE-20 Improper Input Validation	CVE-2012-5789	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294028	-	paypal	ipn	The PayPal IPN utility does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middl…	CWE-20 Improper Input Validation	CVE-2012-5788	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294029	-	paypal	merchant_sdk	The PayPal merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…	CWE-20 Improper Input Validation	CVE-2012-5787	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm

294030	-	apache	cxf	The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the s…	CWE-20 Improper Input Validation	CVE-2012-5786	2024-11-21 10:45	2012-11-5	Show	GitHub Exploit DB Packet Storm