Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227001	4.3	警告	schoolwires	-	Schoolwires Academic Portal の browse.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0909	2012-12-20 18:34	2008-02-22	Show	GitHub Exploit DB Packet Storm

227002	7.5	危険	schoolwires	-	browse.asp の Schoolwires Academic Portal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0908	2012-12-20 18:34	2008-02-22	Show	GitHub Exploit DB Packet Storm

227003	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Inhalt モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0907	2012-12-20 18:34	2008-02-22	Show	GitHub Exploit DB Packet Storm

227004	7.5	危険	PHPNUKE	-	PHP-Nuke の Docum モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0906	2012-12-20 18:34	2008-02-22	Show	GitHub Exploit DB Packet Storm

227005	7.5	危険	レッドハット	-	Red Hat Directory Server で使用されている Red Hat Administration Server における管理者操作を実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0893	2012-12-20 18:34	2008-04-15	Show	GitHub Exploit DB Packet Storm

227006	4.6	警告	レッドハット	-	Red Hat Directory Server における JAR ファイルを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0890	2012-12-20 18:34	2008-03-11	Show	GitHub Exploit DB Packet Storm

227007	2.1	注意	レッドハット	-	Red Hat Directory Server における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0889	2012-12-20 18:34	2008-03-19	Show	GitHub Exploit DB Packet Storm

227008	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Okul モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0881	2012-12-20 18:34	2008-02-21	Show	GitHub Exploit DB Packet Storm

227009	7.5	危険	PHPNUKE	-	PHP-Nuke 用の EasyContent モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0880	2012-12-20 18:34	2008-02-21	Show	GitHub Exploit DB Packet Storm

227010	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Web_Links モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0879	2012-12-20 18:34	2008-02-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199321	9.8	CRITICAL Network	sophos	cyberoamos	An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.	CWE-89 SQL Injection	CVE-2020-29574	2024-11-21 14:24	2020-12-12	Show	GitHub Exploit DB Packet Storm

199322	9.8	CRITICAL Network	docker	registry	Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote attacke…	CWE-521 Weak Password Requirements	CVE-2020-29591	2024-11-21 14:24	2020-12-12	Show	GitHub Exploit DB Packet Storm

199323	9.8	CRITICAL Network	lanatmservice	m3_atm_monitoring_system	In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient S…	CWE-613 Insufficient Session Expiration	CVE-2020-29667	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199324	5.3	MEDIUM Network	lanatmservice	m3_atm_monitoring_system	In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and …	NVD-CWE-Other	CVE-2020-29666	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199325	3.7	LOW Network	sympa fedoraproject debian	sympa fedora debian_linux	Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.	CWE-287 CWE-565 Improper Authentication Reliance on Cookies without Validation and Integrity Checking	CVE-2020-29668	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199326	7.8	HIGH Local	paloaltonetworks	cortex_xdr_agent	A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privil…	CWE-427 Uncontrolled Search Path Element	CVE-2020-2049	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199327	5.5	MEDIUM Local	paloaltonetworks	cortex_xdr_agent	An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents t…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2020-2020	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199328	9.8	CRITICAL Network	flexense	dupscout	A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= atta…	CWE-120 Classic Buffer Overflow	CVE-2020-29659	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199329	7.8	HIGH Local	linux fedoraproject debian netapp broadcom oracle	linux_kernel fedora debian_linux active_iq_unified_manager fabric_operating_system solidfire_baseboard_management_controller_firmware h410c_firmware a700s_firmware 8300_firmwa…	A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.	CWE-416 CWE-667 Use After Free Improper Locking	CVE-2020-29661	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm

199330	4.4	MEDIUM Local	linux fedoraproject debian netapp broadcom	linux_kernel fedora debian_linux active_iq_unified_manager fabric_operating_system solidfire_baseboard_management_controller_firmware h410c_firmware a700s_firmware 8300_firmwa…	A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIO…	CWE-416 CWE-667 Use After Free Improper Locking	CVE-2020-29660	2024-11-21 14:24	2020-12-10	Show	GitHub Exploit DB Packet Storm