Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226721 7.5 危険 turnkeyforms - TurnkeyForms Business Survey Pro の survey_results_text.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6349 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226722 4.3 警告 ticklespace - Drupal 用の Answers モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6413 2012-12-20 19:10 2008-09-18 Show GitHub Exploit DB Packet Storm
226723 4.3 警告 sadi samami - Multi Languages WebShop Online の detail.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6267 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
226724 6.8 警告 xt:Commerce - xt:Commerce における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6304 2012-12-20 19:10 2008-11-20 Show GitHub Exploit DB Packet Storm
226725 7.5 危険 TYPO3 Association - TYPO3 用の TU-Clausthal Staff エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6344 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
226726 4.3 警告 TYPO3 Association - TYPO3 用の TU-Clausthal ODIN エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6343 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
226727 4.3 警告 TYPO3 Association - TYPO3 用の SB Universal Plugin エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6341 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
226728 7.5 危険 weber-ebusiness - TYPO3 用の WEBERkommunal Facilities エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6338 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
226729 4.3 警告 rightscripts - Text Lines Rearrange Script の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6336 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
226730 7.5 危険 simplecustomer - Simple Customer の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6332 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210621 7.5 HIGH
Network 		bilanc bilanc An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key. CWE-798
 Use of Hard-coded Credentials 		CVE-2020-11719 2024-11-21 13:58 2020-12-24 Show GitHub Exploit DB Packet Storm
210622 9.8 CRITICAL
Network 		bilanc bilanc An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and passwor… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-11720 2024-11-21 13:58 2020-12-24 Show GitHub Exploit DB Packet Storm
210623 7.4 HIGH
Network 		bilanc bilanc An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-11718 2024-11-21 13:58 2020-12-24 Show GitHub Exploit DB Packet Storm
210624 9.8 CRITICAL
Network 		bilanc bilanc An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities. CWE-89
SQL Injection 		CVE-2020-11717 2024-11-21 13:58 2020-12-22 Show GitHub Exploit DB Packet Storm
210625 3.3 LOW
Local 		audacityteam
fedoraproject 		audacity
fedora 		Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and… CWE-276
Incorrect Default Permissions  		CVE-2020-11867 2024-11-21 13:58 2020-12-1 Show GitHub Exploit DB Packet Storm
210626 9.8 CRITICAL
Network 		oppo ovoicemanager OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-11831 2024-11-21 13:58 2020-11-20 Show GitHub Exploit DB Packet Storm
210627 9.8 CRITICAL
Network 		oppo qualityprotect QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0. NVD-CWE-noinfo
CVE-2020-11830 2024-11-21 13:58 2020-11-20 Show GitHub Exploit DB Packet Storm
210628 9.8 CRITICAL
Network 		oppo coloros Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722. NVD-CWE-noinfo
CVE-2020-11829 2024-11-21 13:58 2020-11-20 Show GitHub Exploit DB Packet Storm
210629 9.8 CRITICAL
Network 		microfocus arcsight_logger Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitr… CWE-94
Code Injection 		CVE-2020-11851 2024-11-21 13:58 2020-11-17 Show GitHub Exploit DB Packet Storm
210630 6.1 MEDIUM
Network 		microfocus arcsight_logger Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) CWE-79
Cross-site Scripting 		CVE-2020-11860 2024-11-21 13:58 2020-11-17 Show GitHub Exploit DB Packet Storm