Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226351 7.5 危険 YourFreeWorld.com - YourFreeWorld Scrolling Text Ads Script の tr1.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4885 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
226352 7.5 危険 YourFreeWorld.com - YourFreeWorld Classifieds Hosting Script の tr.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4884 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
226353 7.5 危険 YourFreeWorld.com - YourFreeWorld Blog Blaster Script の tr.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4883 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
226354 7.5 危険 YourFreeWorld.com - YourFreeWorld Autoresponder Hosting Script の tr.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4882 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
226355 7.5 危険 YourFreeWorld.com - YourFreeWorld Reminder Service Script の tr.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4881 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
226356 10 危険 sepal - Sepal SPBOARD の board.cgi における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-4873 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
226357 7.2 危険 valgrind - valgrind における任意のプログラムを実行される脆弱性 CWE-Other
その他 		CVE-2008-4865 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
226358 6.9 警告 rPath, Inc - rPath 上で稼動している initscripts における任意のファイルを削除される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4832 2012-12-20 18:52 2008-11-12 Show GitHub Exploit DB Packet Storm
226359 9.3 危険 streamripper - Streamripper の lib/http.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4829 2012-12-20 18:52 2008-11-25 Show GitHub Exploit DB Packet Storm
226360 7.5 危険 Smarty - Smarty の libs/Smarty_Compiler.class.php における任意の PHP コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4811 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198961 4.8 MEDIUM
Network 		employee_performance_evaluation_system_project employee_performance_evaluation_system Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields. CWE-79
Cross-site Scripting 		CVE-2020-35272 2024-11-21 14:27 2021-01-21 Show GitHub Exploit DB Packet Storm
198962 4.8 MEDIUM
Network 		employee_performance_evaluation_system_project employee_performance_evaluation_system Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Employees, First Name and Last Name fields. CWE-79
Cross-site Scripting 		CVE-2020-35271 2024-11-21 14:27 2021-01-21 Show GitHub Exploit DB Packet Storm
198963 7.5 HIGH
Network 		erlang
fedoraproject 		erlang\/otp
fedora 		An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority. CWE-295
Improper Certificate Validation  		CVE-2020-35733 2024-11-21 14:27 2021-01-15 Show GitHub Exploit DB Packet Storm
198964 5.4 MEDIUM
Network 		enviragallery envira_gallery A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_ti… CWE-79
Cross-site Scripting 		CVE-2020-35582 2024-11-21 14:27 2021-01-15 Show GitHub Exploit DB Packet Storm
198965 5.4 MEDIUM
Network 		enviragallery envira_gallery A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the m… CWE-79
Cross-site Scripting 		CVE-2020-35581 2024-11-21 14:27 2021-01-15 Show GitHub Exploit DB Packet Storm
198966 8.8 HIGH
Network 		eclipse vert.x-web Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token … CWE-352
 Origin Validation Error 		CVE-2020-35217 2024-11-21 14:27 2021-01-20 Show GitHub Exploit DB Packet Storm
198967 7.2 HIGH
Network 		nagios nagios_xi An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can e… CWE-78
OS Command  		CVE-2020-35578 2024-11-21 14:27 2021-01-14 Show GitHub Exploit DB Packet Storm
198968 4.3 MEDIUM
Network 		php-fusion phpfusion PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to deletion of all shoutbox messages by the attacker on behalf of the logged in victim. CWE-352
 Origin Validation Error 		CVE-2020-35687 2024-11-21 14:27 2021-01-14 Show GitHub Exploit DB Packet Storm
198969 7.8 HIGH
Local 		soundresearch dchu_model_software_component_modules The SECOMN service in Sound Research DCHU model software component modules (APO) through 2.0.9.17, delivered on HP Windows 10 computers, may allow escalation of privilege via a fake DLL. (As a resolu… CWE-426
 Untrusted Search Path 		CVE-2020-35686 2024-11-21 14:27 2021-01-13 Show GitHub Exploit DB Packet Storm
198970 7.8 HIGH
Local 		clusterlabs
debian 		crmsh
debian_linux 		An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history co… CWE-78
OS Command  		CVE-2020-35459 2024-11-21 14:27 2021-01-13 Show GitHub Exploit DB Packet Storm