Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227211	4.3	警告	torrenttrader	-	TorrentTrader Classic の account-inbox.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-1172	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

227212	7.8	危険	simm-comm	-	SCI Photo Chat Server の組み込まれた HTTP サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1169	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

227213	4.3	警告	sarg	-	Sarg におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1168	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

227214	10	危険	sarg	-	Sarg の useragent.c におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1167	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

227215	7.5	危険	phpComasy	-	phpComasy の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1164	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

227216	7.5	危険	phparcadescript	-	phpArcadeScript の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1163	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

227217	7.5	危険	ZyXEL	-	ZyXEL ZyWALL における権限を取得される脆弱性	CWE-DesignError	CVE-2008-1160	2012-12-20 18:34	2008-03-24	Show	GitHub Exploit DB Packet Storm

227218	5.1	警告	The phpMyAdmin Project	-	phpMyAdmin における SQL インジェクションおよびクロスサイトリクエストフォージェリ攻撃を実行される脆弱性	CWE-352 CWE-89	CVE-2008-1149	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227219	9.3	危険	synce	-	SynCE-dccm の vdccm の src/utils.cpp における任意のコマンドを実行される脆弱性	CWE-20 CWE-94	CVE-2008-1136	2012-12-20 18:34	2008-03-4	Show	GitHub Exploit DB Packet Storm

227220	4.3	警告	xrms crm	-	XRMS CRM の admin/users/self.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1129	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211261	7.8	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is …	NVD-CWE-noinfo	CVE-2020-0625	2024-11-21 13:53	2020-01-15	Show	GitHub Exploit DB Packet Storm

211262	7.8	HIGH Local	microsoft	windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is …	NVD-CWE-noinfo	CVE-2020-0623	2024-11-21 13:53	2020-01-15	Show	GitHub Exploit DB Packet Storm

211263	8.8	HIGH Network	3cx debian	phone_system_firmware debian_linux	PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><sp…	CWE-77 Command Injection	CVE-2019-9972	2024-11-21 13:52	2022-06-8	Show	GitHub Exploit DB Packet Storm

211264	8.8	HIGH Network	3cx debian	phone_system_firmware debian_linux	PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs bec…	CWE-269 Improper Privilege Management	CVE-2019-9971	2024-11-21 13:52	2022-06-8	Show	GitHub Exploit DB Packet Storm

211265	7.8	HIGH Local	google	android	In deletePackageVersionedInternal of PackageManagerService.java, there is a possible way to exit Screen Pinning due to a permissions bypass. This could lead to local escalation of privilege with no a…	NVD-CWE-noinfo	CVE-2020-0025	2024-11-21 13:52	2021-03-11	Show	GitHub Exploit DB Packet Storm

211266	5.5	MEDIUM Local	google	android	In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction i…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-0019	2024-11-21 13:52	2020-12-15	Show	GitHub Exploit DB Packet Storm

211267	7.8	HIGH Local	google	android	In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction …	CWE-798 Use of Hard-coded Credentials	CVE-2020-0016	2024-11-21 13:52	2020-12-15	Show	GitHub Exploit DB Packet Storm

211268	7.8	HIGH Local	google	android	In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no addition…	CWE-1188 Insecure Default Initialization of Resource	CVE-2020-0099	2024-11-21 13:52	2020-12-15	Show	GitHub Exploit DB Packet Storm

211269	7.8	HIGH Local	google	android	In the audio server, there is a missing permission check. This could lead to local escalation of privilege regarding audio settings with no additional execution privileges needed. User interaction is…	CWE-862 Missing Authorization	CVE-2020-0089	2024-11-21 13:52	2020-09-19	Show	GitHub Exploit DB Packet Storm

211270	7.8	HIGH Local	google	android	In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User …	CWE-20 CWE-77 Improper Input Validation Command Injection	CVE-2020-0130	2024-11-21 13:52	2020-09-18	Show	GitHub Exploit DB Packet Storm