Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227061 7.5 危険 SAP - SAP GUI および SAPSprint に含まれる SAPLPD におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0621 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
227062 10 危険 SAP - SAP GUI および SAPSprint に含まれる SAPLPD におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0620 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
227063 7.5 危険 rmsoft
XOOPS		 - XOOPS 用の RMSOFT Gallery System モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0611 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
227064 9.3 危険 UltraVNC - UltraVNC 用の vncviewer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0610 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
227065 6.8 警告 xlight ftp server - XLight FTP Server の LDAP 認証機能におけるアクセス制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0604 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
227066 4.3 警告 Skype Technologies S.A. - Windows 上で稼動する Skype の Internet Explorer Web コントロールにおけるクロスゾーンスクリプティングの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0583 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227067 4.3 警告 Skype Technologies S.A. - Windows 上で稼動する Skype の Internet Explorer Web コントロールにおけるクロスゾーンスクリプティングの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0582 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227068 4.3 警告 トリップワイヤ - Tripwire Enterprise の Web 管理ログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0578 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227069 4.3 警告 webSPELL - webSPELL の admin/admincenter.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-0575 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227070 4.3 警告 webSPELL - webSPELL の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0574 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199381 7.5 HIGH
Network 		sick package_analytics SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by… CWE-276
Incorrect Default Permissions  		CVE-2020-2077 2024-11-21 14:24 2020-07-29 Show GitHub Exploit DB Packet Storm
199382 9.8 CRITICAL
Network 		sick package_analytics SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, b… CWE-306
Missing Authentication for Critical Function 		CVE-2020-2076 2024-11-21 14:24 2020-07-29 Show GitHub Exploit DB Packet Storm
199383 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2221 2024-11-21 14:24 2020-07-16 Show GitHub Exploit DB Packet Storm
199384 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name in the build time trend page, resulting in a stored cross-site scripting vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2220 2024-11-21 14:24 2020-07-16 Show GitHub Exploit DB Packet Storm
199385 8.1 HIGH
Network 		paloaltonetworks pan-os An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires s… CWE-78
OS Command  		CVE-2020-2034 2024-11-21 14:24 2020-07-9 Show GitHub Exploit DB Packet Storm
199386 4.9 MEDIUM
Network 		paloaltonetworks pan-os An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2020-2031 2024-11-21 14:24 2020-07-9 Show GitHub Exploit DB Packet Storm
199387 7.2 HIGH
Network 		paloaltonetworks pan-os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 … CWE-78
OS Command  		CVE-2020-2030 2024-11-21 14:24 2020-07-9 Show GitHub Exploit DB Packet Storm
199388 5.4 MEDIUM
Network 		jenkins link_column Jenkins Link Column Plugin 1.0 and earlier does not filter URLs of links created by users with View/Configure permission, resulting in a stored cross-site scripting vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2219 2024-11-21 14:24 2020-07-3 Show GitHub Exploit DB Packet Storm
199389 3.3 LOW
Local 		hp_application_lifecycle_management_quality_center_project hp_application_lifecycle_management_quality_center Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master fil… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2218 2024-11-21 14:24 2020-07-3 Show GitHub Exploit DB Packet Storm
199390 6.1 MEDIUM
Network 		praqma compatibility_action_storage Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scr… CWE-79
Cross-site Scripting 		CVE-2020-2217 2024-11-21 14:24 2020-07-3 Show GitHub Exploit DB Packet Storm