Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226231	6.8	警告	Pluck CMS	-	Pluck の data/modules/blog/module_pages_site.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6842	2012-12-20 19:10	2009-07-2	Show	GitHub Exploit DB Packet Storm

226232	4.3	警告	tgs-cms	-	TGS Content Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6839	2012-12-20 19:10	2009-06-27	Show	GitHub Exploit DB Packet Storm

226233	4.3	警告	Zoph	-	Zoph の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6838	2012-12-20 19:10	2009-06-27	Show	GitHub Exploit DB Packet Storm

226234	7.5	危険	Zoph	-	Zoph における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6837	2012-12-20 19:10	2009-06-27	Show	GitHub Exploit DB Packet Storm

226235	5	警告	vicftps	-	VicFTPS におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-6829	2012-12-20 19:10	2009-06-8	Show	GitHub Exploit DB Packet Storm

226236	6.8	警告	trixbox	-	Fonality trixbox CE の user/index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6825	2012-12-20 19:10	2009-06-5	Show	GitHub Exploit DB Packet Storm

226237	4.3	警告	XOOPS	-	XOOPS の pmlite.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6885	2012-12-20 19:10	2008-12-7	Show	GitHub Exploit DB Packet Storm

226238	6.8	警告	XOOPS	-	XOOPS におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6884	2012-12-20 19:10	2008-12-7	Show	GitHub Exploit DB Packet Storm

226239	4.3	警告	シマンテック	-	Symantec Altiris Deployment Solution における権限を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-6828	2012-12-20 19:10	2008-10-20	Show	GitHub Exploit DB Packet Storm

226240	6.8	警告	シマンテック	-	Symantec Altiris Deployment Solution の ListView コントロールにおけるシステム権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6827	2012-12-20 19:10	2008-10-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197991	9.8	CRITICAL Network	vmware	sd-wan_orchestrator	The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to t…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-4001	2024-11-21 14:32	2020-11-25	Show	GitHub Exploit DB Packet Storm

197992	8.8	HIGH Network	vmware	sd-wan_orchestrator	The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is ab…	CWE-22 Path Traversal	CVE-2020-4000	2024-11-21 14:32	2020-11-25	Show	GitHub Exploit DB Packet Storm

197993	8.8	HIGH Network	vmware	sd-wan_orchestrator	The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orches…	NVD-CWE-noinfo	CVE-2020-3985	2024-11-21 14:32	2020-11-25	Show	GitHub Exploit DB Packet Storm

197994	6.5	MEDIUM Network	vmware	sd-wan_orchestrator	The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit …	CWE-89 SQL Injection	CVE-2020-3984	2024-11-21 14:32	2020-11-25	Show	GitHub Exploit DB Packet Storm

197995	9.1	CRITICAL Network	vmware	identity_manager identity_manager_connector one_access vrealize_suite_lifecycle_manager cloud_foundation	VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.	CWE-78 OS Command	CVE-2020-4006	2024-11-21 14:32	2020-11-24	Show	GitHub Exploit DB Packet Storm

197996	7.8	HIGH Local	vmware	cloud_foundation esxi	VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls…	NVD-CWE-noinfo	CVE-2020-4005	2024-11-21 14:32	2020-11-21	Show	GitHub Exploit DB Packet Storm

197997	8.2	HIGH Local	vmware	fusion workstation cloud_foundation esxi	VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free v…	CWE-416 Use After Free	CVE-2020-4004	2024-11-21 14:32	2020-11-21	Show	GitHub Exploit DB Packet Storm

197998	6.5	MEDIUM Network	ibm	mq_appliance	IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, under nondefault configuration to cause a data corruption attack due to an error when using segmented messages.	NVD-CWE-noinfo	CVE-2020-4592	2024-11-21 14:32	2020-11-19	Show	GitHub Exploit DB Packet Storm

197999	6.5	MEDIUM Network	ibm	sterling_b2b_integrator	IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated us…	NVD-CWE-noinfo	CVE-2020-4566	2024-11-21 14:32	2020-11-17	Show	GitHub Exploit DB Packet Storm

198000	7.5	HIGH Network	ibm	sterling_file_gateway	IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the …	NVD-CWE-noinfo	CVE-2020-4476	2024-11-21 14:32	2020-11-17	Show	GitHub Exploit DB Packet Storm