Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226101 7.5 危険 PHP-Fusion - PHP-Fusion の readmore.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5946 2012-12-20 19:10 2009-01-22 Show GitHub Exploit DB Packet Storm
226102 7.8 危険 zkesoft - AyeView におけるサービス運用妨害 (メモリ消費またはアプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5937 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
226103 5 警告 the net guys - The Net Guys ASPired2Blog におけるユーザ名などを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5931 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
226104 7.5 危険 the net guys - The Net Guys ASPired2Blog の admin/blog_comments.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5930 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
226105 5 警告 vpasp - VP-ASP Shopping Cart におけるパスワードを含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5929 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
226106 7.5 危険 umerinc - Umer Inc Songs Portal の albums.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5921 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
226107 7.5 危険 tigris - WebSVN の utils.inc における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5920 2012-12-20 19:10 2009-01-20 Show GitHub Exploit DB Packet Storm
226108 6.8 警告 tigris - WebSVN の rss.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5919 2012-12-20 19:10 2009-01-20 Show GitHub Exploit DB Packet Storm
226109 4.3 警告 tigris - WebSVN の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5918 2012-12-20 19:10 2009-01-20 Show GitHub Exploit DB Packet Storm
226110 7.5 危険 xrdp - xrdp の rdp/rdp_rdp.c における脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5904 2012-12-20 19:10 2009-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199251 9.8 CRITICAL
Network 		fangfa fdcms FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-35442 2024-11-21 14:27 2021-06-3 Show GitHub Exploit DB Packet Storm
199252 9.8 CRITICAL
Network 		fangfa fdcms FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php. CWE-89
SQL Injection 		CVE-2020-35441 2024-11-21 14:27 2021-06-3 Show GitHub Exploit DB Packet Storm
199253 7.0 HIGH
Local 		redhat openshift An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local … - CVE-2020-35514 2024-11-21 14:27 2021-06-2 Show GitHub Exploit DB Packet Storm
199254 5.9 MEDIUM
Network 		redhat jboss-remoting A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redhat-00001. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes correspondi… - CVE-2020-35510 2024-11-21 14:27 2021-06-2 Show GitHub Exploit DB Packet Storm
199255 6.0 MEDIUM
Local 		qemu
fedoraproject 		qemu
fedora 		A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callba… - CVE-2020-35503 2024-11-21 14:27 2021-06-2 Show GitHub Exploit DB Packet Storm
199256 6.7 MEDIUM
Local 		qemu qemu A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw… - CVE-2020-35506 2024-11-21 14:27 2021-05-28 Show GitHub Exploit DB Packet Storm
199257 4.4 MEDIUM
Local 		qemu
debian 		qemu
debian_linux 		A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This f… CWE-476
 NULL Pointer Dereference 		CVE-2020-35505 2024-11-21 14:27 2021-05-28 Show GitHub Exploit DB Packet Storm
199258 6.0 MEDIUM
Local 		qemu
fedoraproject
debian 		qemu
fedora
debian_linux 		A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in … CWE-476
 NULL Pointer Dereference 		CVE-2020-35504 2024-11-21 14:27 2021-05-28 Show GitHub Exploit DB Packet Storm
199259 7.5 HIGH
Network 		searchblox searchblox A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet… CWE-22
Path Traversal 		CVE-2020-35580 2024-11-21 14:27 2021-05-21 Show GitHub Exploit DB Packet Storm
199260 6.1 MEDIUM
Network 		kamalkhan kk_star_ratings Cross Site Scripting (XSS) vulnerability in the kk Star Ratings plugin before 4.1.5. CWE-79
Cross-site Scripting 		CVE-2020-35438 2024-11-21 14:27 2021-05-11 Show GitHub Exploit DB Packet Storm