Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226071	4.3	警告	xt:Commerce	-	xt:Commerce の advanced_search_result.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6044	2012-12-20 19:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

226072	7.5	危険	phpprobid	-	PPB における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6043	2012-12-20 19:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

226073	7.5	危険	wsnlinks	-	WSN Links の comments.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6033	2012-12-20 19:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

226074	7.5	危険	wsnlinks	-	WSN Links Free の comments.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6032	2012-12-20 19:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

226075	7.5	危険	wsnlinks	-	WSN Links の vote.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6031	2012-12-20 19:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

226076	7.5	危険	university of queensland	-	University of Queensland Library Fez の list.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6028	2012-12-20 19:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

226077	7.5	危険	xnova	-	Xnova の includes/todofleetcontrol.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6023	2012-12-20 19:10	2009-02-2	Show	GitHub Exploit DB Packet Storm

226078	7.5	危険	xnova	-	Xnova の includes/todofleetcontrol.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6022	2012-12-20 19:10	2009-02-2	Show	GitHub Exploit DB Packet Storm

226079	7.5	危険	rianxosencabos cms	-	Rianxosencabos CMS の scripts/links.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6014	2012-12-20 19:10	2009-01-30	Show	GitHub Exploit DB Packet Storm

226080	7.5	危険	sg real estate portal	-	SG Real Estate Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6011	2012-12-20 19:10	2009-01-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198361	9.8	CRITICAL Network	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8096au_firmware apq8098_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8905_firmware msm8909w_firmwar…	Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdrag…	CWE-476 CWE-129 NULL Pointer Dereference Improper Validation of Array Index	CVE-2020-3660	2024-11-21 14:31	2020-06-22	Show	GitHub Exploit DB Packet Storm

198362	9.1	CRITICAL Network	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8905_firmware…	Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdrag…	CWE-125 CWE-476 Out-of-bounds Read NULL Pointer Dereference	CVE-2020-3658	2024-11-21 14:31	2020-06-22	Show	GitHub Exploit DB Packet Storm

198363	7.8	HIGH Local	qualcomm	kamorta_firmware qcs605_firmware rennell_firmware saipan_firmware sdm670_firmware sdm710_firmware sdm845_firmware sm6150_firmware sm7150_firmware sm8150_firmware sm8250_…	Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile i…	CWE-416 Use After Free	CVE-2020-3642	2024-11-21 14:31	2020-06-22	Show	GitHub Exploit DB Packet Storm

198364	7.8	HIGH Local	qualcomm	apq8053_firmware apq8096au_firmware apq8098_firmware msm8909w_firmware msm8917_firmware msm8920_firmware msm8937_firmware msm8940_firmware msm8953_firmware msm8996au_firmwa…	Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon …	CWE-787 Out-of-bounds Write	CVE-2020-3635	2024-11-21 14:31	2020-06-22	Show	GitHub Exploit DB Packet Storm

198365	7.8	HIGH Local	qualcomm	apq8053_firmware apq8096au_firmware apq8098_firmware msm8905_firmware msm8909w_firmware msm8917_firmware msm8920_firmware msm8937_firmware msm8940_firmware msm8953_firmware…	Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…	CWE-276 Incorrect Default Permissions	CVE-2020-3626	2024-11-21 14:31	2020-06-22	Show	GitHub Exploit DB Packet Storm

198366	9.8	CRITICAL Network	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8076_firmware apq8096_firmware apq8096au_firmware apq8098_firmware ipq6018_firmware ipq8074_firmware mdm9206_firmware<…	Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Ele…	CWE-120 Classic Buffer Overflow	CVE-2020-3614	2024-11-21 14:31	2020-06-22	Show	GitHub Exploit DB Packet Storm

198367	3.3	LOW Local	geovision	gv-gf192x_firmware	GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2020-3930	2024-11-21 14:31	2020-06-12	Show	GitHub Exploit DB Packet Storm

198368	5.9	MEDIUM Network	usavisionsys	geovision_gv-as210_firmware geovision_gv-as410_firmware geovision_gv-as810_firmware geovision_gv-as1010_firmware geovision_gv-gf192x_firmware	GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted mes…	CWE-326 Inadequate Encryption Strength	CVE-2020-3929	2024-11-21 14:31	2020-06-12	Show	GitHub Exploit DB Packet Storm

198369	9.8	CRITICAL Network	usavisionsys	geovision_gv-as210_firmware geovision_gv-as410_firmware geovision_gv-as810_firmware geovision_gv-as1010_firmware geovision_gv-gf192x_firmware	GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices.	CWE-798 Use of Hard-coded Credentials	CVE-2020-3928	2024-11-21 14:31	2020-06-12	Show	GitHub Exploit DB Packet Storm

198370	6.5	MEDIUM Network	apple	mac_os_x	This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information.	NVD-CWE-noinfo	CVE-2020-3882	2024-11-21 14:31	2020-06-10	Show	GitHub Exploit DB Packet Storm