Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226371 9.3 危険 WordPress.org - WordPress の wp-includes/theme.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4769 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
226372 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4768 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
226373 9 危険 PHPNUKE - PHP-Nuke の DownloadsPlus モジュールにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4767 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
226374 4.3 警告 wikidsystems - WiKID wClient-PHP の sample.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4763 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
226375 5 警告 php-daily - PHP-Daily の download_file.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4758 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
226376 7.5 危険 php-daily - PHP-Daily における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4757 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
226377 4.3 警告 php-daily - PHP-Daily の add_prest_date.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4756 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
226378 7.5 危険 pozscripts - PozScripts Classified Auctions Script の gotourl.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4755 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
226379 5.8 警告 scripts-for-sites - SFS Ez Forum の forum.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4754 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
226380 7.5 危険 tech logic - TlNews における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-4752 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197551 7.5 HIGH
Network 		buddypress buddypress In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2. CWE-200
Information Exposure 		CVE-2020-5244 2024-11-21 14:33 2020-02-25 Show GitHub Exploit DB Packet Storm
197552 6.5 MEDIUM
Network 		dnnsoftware dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions. CWE-669
CWE-434
 Incorrect Resource Transfer Between Spheres
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-5188 2024-11-21 14:33 2020-02-25 Show GitHub Exploit DB Packet Storm
197553 8.8 HIGH
Network 		dnnsoftware dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2). CWE-22
Path Traversal 		CVE-2020-5187 2024-11-21 14:33 2020-02-25 Show GitHub Exploit DB Packet Storm
197554 5.4 MEDIUM
Network 		dnnsoftware dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2). CWE-79
Cross-site Scripting 		CVE-2020-5186 2024-11-21 14:33 2020-02-25 Show GitHub Exploit DB Packet Storm
197555 7.5 HIGH
Network 		uap-core_project uap-core uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overla… CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2020-5243 2024-11-21 14:33 2020-02-21 Show GitHub Exploit DB Packet Storm
197556 8.8 HIGH
Network 		openhab openhab openHAB before 2.5.2 allow a remote attacker to use REST calls to install the EXEC binding or EXEC transformation service and execute arbitrary commands on the system with the privileges of the user … CWE-863
 Incorrect Authorization 		CVE-2020-5242 2024-11-21 14:33 2020-02-21 Show GitHub Exploit DB Packet Storm
197557 5.3 MEDIUM
Physics 		dell chengming_3980_firmware
g3_3579_firmware
g3_3590_firmware
g3_3779_firmware
g5_5587_firmware
g5_5590_firmware
g7_7588_firmware
g7_7590_firmware
g7_7790_firmware
embedded_box… 		Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with phy… CWE-306
Missing Authentication for Critical Function 		CVE-2020-5326 2024-11-21 14:33 2020-02-22 Show GitHub Exploit DB Packet Storm
197558 4.4 MEDIUM
Local 		dell g3_3579_firmware
g3_3779_firmware
g3_15_3590_firmware
g5_15_5590_firmware
g5_5090_firmware
g5_5587_firmware
g7_15_7590_firmware
g7_17_7790_firmware
g7_7588_firmware
inspiro… 		Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being ex… CWE-59
Link Following 		CVE-2020-5324 2024-11-21 14:33 2020-02-22 Show GitHub Exploit DB Packet Storm
197559 8.8 HIGH
Network 		mailu mailu In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrust… NVD-CWE-noinfo
CVE-2020-5239 2024-11-21 14:33 2020-02-13 Show GitHub Exploit DB Packet Storm
197560 5.4 MEDIUM
Network 		matestack ui-core matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4. CWE-79
Cross-site Scripting 		CVE-2020-5241 2024-11-21 14:33 2020-02-13 Show GitHub Exploit DB Packet Storm