Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227131	6	警告	taskfreak	-	TaskFreak! の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0270	2012-12-20 18:34	2008-01-15	Show	GitHub Exploit DB Packet Storm

227132	6.8	警告	wavelink media	-	TutorialCMS の activate.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0254	2012-12-20 18:34	2008-01-15	Show	GitHub Exploit DB Packet Storm

227133	5	警告	php webquest	-	PHP Webquest におけるデータベースの資格情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0249	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

227134	9.3	危険	streamaudio	-	StreamAudio ChainCast ProxyManager の ccpm_0237.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0248	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

227135	10	危険	uploadscript	-	UploadScript の admin.php における管理者の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0246	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

227136	7.5	危険	uploadscript	-	UploadImage の admin.php における管理者の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0245	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

227137	10	危険	SAP	-	SAP MaxDB における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-0244	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

227138	5.8	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager の /idm/user/login.jsp におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-0241	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

227139	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager の /idm/help/index.jsp におけるフィッシング攻撃を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0240	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

227140	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0239	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197911	5.3	MEDIUM Network	atlassian	jira jira_software_data_center jira_server	Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile s…	NVD-CWE-noinfo	CVE-2020-36235	2024-11-21 14:29	2021-02-15	Show	GitHub Exploit DB Packet Storm

197912	4.8	MEDIUM Network	atlassian	jira data_center jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The …	CWE-79 Cross-site Scripting	CVE-2020-36234	2024-11-21 14:29	2021-02-15	Show	GitHub Exploit DB Packet Storm

197913	9.8	CRITICAL Network	genivi debian	diagnostic_log_and_trace debian_linux	The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to…	CWE-787 Out-of-bounds Write	CVE-2020-36244	2024-11-21 14:29	2021-02-10	Show	GitHub Exploit DB Packet Storm

197914	8.8	HIGH Network	open-emr	openemr	The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request t…	CWE-78 OS Command	CVE-2020-36243	2024-11-21 14:29	2021-02-8	Show	GitHub Exploit DB Packet Storm

197915	9.1	CRITICAL Network	cryptography.io fedoraproject oracle	cryptography fedora communications_cloud_native_core_network_function_cloud_native_environment	In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrate…	CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound	CVE-2020-36242	2024-11-21 14:29	2021-02-8	Show	GitHub Exploit DB Packet Storm

197916	5.5	MEDIUM Local	gnome fedoraproject	gnome-autoar fedora	autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's…	CWE-22 CWE-59 Path Traversal Link Following	CVE-2020-36241	2024-11-21 14:29	2021-02-5	Show	GitHub Exploit DB Packet Storm

197917	4.3	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnera…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2020-36231	2024-11-21 14:29	2021-02-2	Show	GitHub Exploit DB Packet Storm

197918	7.5	HIGH Network	openldap debian apple apache	openldap debian_linux mac_os_x macos bookkeeper	A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.	CWE-617 Reachable Assertion	CVE-2020-36230	2024-11-21 14:29	2021-01-27	Show	GitHub Exploit DB Packet Storm

197919	7.5	HIGH Network	openldap debian apple	openldap debian_linux mac_os_x macos	A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.	CWE-843 Type Confusion	CVE-2020-36229	2024-11-21 14:29	2021-01-27	Show	GitHub Exploit DB Packet Storm

197920	7.5	HIGH Network	openldap debian apple	openldap debian_linux macos	An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2020-36228	2024-11-21 14:29	2021-01-27	Show	GitHub Exploit DB Packet Storm