Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226581 7.5 危険 PreProject.com - Pre Projects Pre Real Estate Listings の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6798 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
226582 7.5 危険 PreProject.com - Pre Projects Pre Real Estate Listings の manager/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6796 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
226583 7.5 危険 sfs ez pub - SFS EZ Pub Site の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6794 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
226584 7.5 危険 scripts-for-sites - SFS EZ Adult Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6784 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226585 7.5 危険 scripts-for-sites - SFS EZ Home Business Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6783 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226586 7.5 危険 scripts-for-sites - SFS EZ Hosting Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6782 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226587 7.5 危険 scripts-for-sites - SFS Gaming Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6781 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226588 7.5 危険 scripts-for-sites - SFS SFS EZ Affiliate の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6780 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226589 7.5 危険 PHPNUKE - PHP-Nuke 用の Sarkilar モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6779 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226590 7.5 危険 scripts-for-sites - SFS EZ Auction の viewfaqs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6778 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211011 5.5 MEDIUM
Local 		hdfgroup hdf5 An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service. CWE-125
Out-of-bounds Read 		CVE-2020-10811 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211012 5.5 MEDIUM
Local 		hdfgroup hdf5 An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. CWE-476
 NULL Pointer Dereference 		CVE-2020-10810 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211013 5.5 MEDIUM
Local 		hdfgroup hdf5 An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 b… CWE-787
 Out-of-bounds Write 		CVE-2020-10809 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211014 8.8 HIGH
Network 		vestacp vesta_control_panel Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demon… CWE-78
OS Command  		CVE-2020-10808 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211015 5.3 MEDIUM
Network 		mitre caldera auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header. CWE-290
 Authentication Bypass by Spoofing 		CVE-2020-10807 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211016 9.8 CRITICAL
Network 		ez ez_publish-kernel
ez_publish-legacy 		eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to ex… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10806 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211017 5.4 MEDIUM
Network 		phpmyadmin
debian
fedoraproject
opensuse
suse 		phpmyadmin
debian_linux
fedora
leap
backports_sle
package_hub 		In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results… CWE-79
CWE-89
Cross-site Scripting
SQL Injection 		CVE-2020-10803 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm
211018 8.0 HIGH
Network 		phpmyadmin
debian
fedoraproject
opensuse
suse 		phpmyadmin
debian_linux
fedora
leap
backports_sle
package_hub 		In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search act… CWE-89
SQL Injection 		CVE-2020-10802 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm
211019 8.0 HIGH
Network 		phpmyadmin
fedoraproject
opensuse
suse 		phpmyadmin
fedora
leap
backports_sle
package_hub 		In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/Use… CWE-89
SQL Injection 		CVE-2020-10804 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm
211020 8.1 HIGH
Network 		lix_project lix lix through 15.8.7 allows man-in-the-middle attackers to execute arbitrary code by modifying the HTTP client-server data stream so that the Location header is associated with attacker-controlled exec… NVD-CWE-noinfo
CVE-2020-10800 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm