Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226961	4.4	警告	stephenjungels	-	Plait の plaiter における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4085	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

226962	7.5	危険	stash	-	Stash の admin/login.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-4081	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

226963	6.8	警告	stash	-	Stash における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4080	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

226964	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4074	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

226965	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4073	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

226966	7.5	危険	phsdev	-	phsBlog の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4072	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

226967	7.5	危険	texmedia	-	Million Pixel Script の tops_top.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4055	2012-12-20 18:52	2008-09-11	Show	GitHub Exploit DB Packet Storm

226968	4.6	警告	トレンドマイクロ	-	Trend Micro NSC モジュールの Trend Micro Personal Firewall サービスにおけるアクセス制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-3866	2012-12-20 18:52	2009-01-16	Show	GitHub Exploit DB Packet Storm

226969	10	危険	トレンドマイクロ	-	Trend Micro NSC モジュールのファイアーウォールにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-3865	2012-12-20 18:52	2009-01-16	Show	GitHub Exploit DB Packet Storm

226970	5	警告	トレンドマイクロ	-	Trend Micro NSC モジュールのファイアーウォールサービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-3864	2012-12-20 18:52	2009-01-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210591	7.5	HIGH Network	gitlab	gitlab	GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget.	CWE-200 Information Exposure	CVE-2020-10976	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210592	4.3	MEDIUM Network	gitlab	gitlab	GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerabilities to unauthorized users on the vulnerability feedback page.	NVD-CWE-noinfo	CVE-2020-10975	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210593	5.5	MEDIUM Local	codeblocks	code\	A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file.	CWE-120 Classic Buffer Overflow	CVE-2020-10814	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210594	6.5	MEDIUM Network	greenbrowser_project	greenbrowser	GreenBrowser before version 1.2 has a vulnerability where apps that rely on URL Parsing to verify that a given URL is pointing to a trust server may be susceptible to many different ways to get URL p…	NVD-CWE-Other	CVE-2020-11000	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210595	5.6	MEDIUM Network	qemu	qemu	hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.	CWE-787 Out-of-bounds Write	CVE-2020-11102	2024-11-21 13:56	2020-04-7	Show	GitHub Exploit DB Packet Storm

210596	5.3	MEDIUM Network	mediawiki	mediawiki	In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content…	CWE-74 Injection	CVE-2020-10960	2024-11-21 13:56	2020-04-4	Show	GitHub Exploit DB Packet Storm

210597	8.8	HIGH Network	apachefriends	xampp	An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (includ…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-11107	2024-11-21 13:56	2020-04-3	Show	GitHub Exploit DB Packet Storm

210598	8.8	HIGH Network	haproxy debian redhat fedoraproject canonical opensuse	haproxy debian_linux openshift_container_platform fedora ubuntu_linux leap	In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2…	CWE-787 Out-of-bounds Write	CVE-2020-11100	2024-11-21 13:56	2020-04-3	Show	GitHub Exploit DB Packet Storm

210599	9.8	CRITICAL Network	alienform2_project	alienform2	Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An unauthenticated, re…	CWE-94 Code Injection	CVE-2020-10948	2024-11-21 13:56	2020-04-2	Show	GitHub Exploit DB Packet Storm

210600	7.5	HIGH Network	avast	antivirus	An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low…	NVD-CWE-noinfo	CVE-2020-10868	2024-11-21 13:56	2020-04-2	Show	GitHub Exploit DB Packet Storm