Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227171 10 危険 サン・マイクロシステムズ - SPARC Enterprise T5120 および T5220 サーバの特定の間違った Sun Solaris イメージにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1369 2012-12-20 18:52 2008-03-18 Show GitHub Exploit DB Packet Storm
227172 5 警告 トレンドマイクロ - Trend Micro OfficeScan Corporate Edition におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1366 2012-12-20 18:52 2008-03-17 Show GitHub Exploit DB Packet Storm
227173 6.4 警告 トレンドマイクロ - Trend Micro OfficeScan Corporate Edition におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1365 2012-12-20 18:34 2008-03-17 Show GitHub Exploit DB Packet Storm
227174 4.3 警告 Zabbix - ZABBIX の zabbix_agentd におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-1353 2012-12-20 18:34 2008-03-17 Show GitHub Exploit DB Packet Storm
227175 4.9 警告 SCO - SCO UnixWare の pkgadd および pkgrm におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1343 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
227176 4.3 警告 polymita technologies - Polymita BPM-Suite などの search 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1342 2012-12-20 18:34 2008-03-17 Show GitHub Exploit DB Packet Storm
227177 6.8 警告 woltlab - wBB の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-1323 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
227178 9.3 危険 versant - Borland CaliberRM などで使用される Versant Object Database における任意のコマンドを実行される脆弱性 CWE-DesignError
CVE-2008-1319 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
227179 6.8 警告 qt-cute - QT-cute QuickTalk フォーラムの qtf_ind_search_ov.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1316 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
227180 7.5 危険 PHPNUKE - PHP-Nuke 用の ZClassifieds モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1315 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196991 7.5 HIGH
Network 		cesnet perun In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP. Issue is fixed in version 3.9.1 by sanitisation of the input. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-5281 2024-11-21 14:33 2020-03-26 Show GitHub Exploit DB Packet Storm
196992 7.5 HIGH
Network 		typelevel http4s http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. This vulnerability applies to all users of org.http4s.server.staticcontent.FileService, org.http4s.server… CWE-22
Path Traversal 		CVE-2020-5280 2024-11-21 14:33 2020-03-26 Show GitHub Exploit DB Packet Storm
196993 6.8 MEDIUM
Network 		sustainsys saml2 Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detectio… CWE-294
Authentication Bypass by Capture-replay  		CVE-2020-5261 2024-11-21 14:33 2020-03-25 Show GitHub Exploit DB Packet Storm
196994 4.1 MEDIUM
Local 		pyup safety The command-line "safety" package for Python has a potential security issue. There are two Python characteristics that allow malicious code to “poison-pill” command-line Safety package detection rout… NVD-CWE-noinfo
CVE-2020-5252 2024-11-21 14:33 2020-03-24 Show GitHub Exploit DB Packet Storm
196995 4.8 MEDIUM
Network 		rubyonrails
debian
fedoraproject
opensuse 		actionview
debian_linux
fedora
leap 		In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may b… - CVE-2020-5267 2024-11-21 14:33 2020-03-20 Show GitHub Exploit DB Packet Storm
196996 5.5 MEDIUM
Local 		easybuild_project easybuild In EasyBuild before version 4.1.2, the GitHub Personal Access Token (PAT) used by EasyBuild for the GitHub integration features (like `--new-pr`, `--fro,-pr`, etc.) is shown in plain text in EasyBuil… CWE-922
 Insecure Storage of Sensitive Information 		CVE-2020-5262 2024-11-21 14:33 2020-03-20 Show GitHub Exploit DB Packet Storm
196997 8.5 HIGH
Network 		labdigital wagtail-2fa In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so.… CWE-863
 Incorrect Authorization 		CVE-2020-5240 2024-11-21 14:33 2020-03-14 Show GitHub Exploit DB Packet Storm
196998 8.1 HIGH
Network 		thoughtbot administrate In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present … CWE-89
SQL Injection 		CVE-2020-5257 2024-11-21 14:33 2020-03-14 Show GitHub Exploit DB Packet Storm
196999 9.8 CRITICAL
Network 		fatfreeframework fat-free_framework In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method. CWE-94
CWE-20
Code Injection
 Improper Input Validation  		CVE-2020-5203 2024-11-21 14:33 2020-03-11 Show GitHub Exploit DB Packet Storm
197000 8.6 HIGH
Network 		linuxfoundation dojox In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language co… CWE-74
Injection 		CVE-2020-5259 2024-11-21 14:33 2020-03-11 Show GitHub Exploit DB Packet Storm