Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227251 7.8 危険 powerportal - PowerPortal におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4361 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227252 10 危険 spaw editor - SPAW Editor PHP Edtion の class/theme.class.php における脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4358 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227253 7.5 危険 Powie - Powie pLink の linkto.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4357 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227254 7.5 危険 Powie - Powie PSCRIPT Forum の showprofil.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4355 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227255 7.5 危険 phpsmartcom - phpSmartCom の inc/pages/viewprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4352 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227256 7.5 危険 phpsmartcom - phpSmartCom の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4351 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227257 7.5 危険 vblogix - vbLOGIX Tutorial Script の main.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4350 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227258 4.3 警告 s0nic - s0nic Paranews の news.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4349 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227259 7.5 危険 Powie - Powie pNews の newskom.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4347 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
227260 7.5 危険 talkback - TalkBack におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4346 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196761 7.5 HIGH
Network 		dovecot
fedoraproject 		dovecot
fedora 		lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login in… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-7046 2024-11-21 14:36 2020-02-13 Show GitHub Exploit DB Packet Storm
196762 7.5 HIGH
Network 		opensuse wicked An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-7217 2024-11-21 14:36 2020-02-11 Show GitHub Exploit DB Packet Storm
196763 9.1 CRITICAL
Network 		php
tenable
oracle
opensuse
debian 		php
tenable.sc
communications_diameter_signaling_router
leap
debian_linux 		When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause functi… CWE-125
Out-of-bounds Read 		CVE-2020-7060 2024-11-21 14:36 2020-02-10 Show GitHub Exploit DB Packet Storm
196764 9.1 CRITICAL
Network 		php
tenable
oracle
opensuse
debian 		php
tenable.sc
communications_diameter_signaling_router
leap
debian_linux 		When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function… CWE-125
Out-of-bounds Read 		CVE-2020-7059 2024-11-21 14:36 2020-02-10 Show GitHub Exploit DB Packet Storm
196765 9.8 CRITICAL
Network 		bosch bosch_video_management_system_mobile_video_service
divar_ip_3000_firmware
divar_ip_7000_firmware 		Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 … CWE-502
 Deserialization of Untrusted Data 		CVE-2020-6770 2024-11-21 14:36 2020-02-8 Show GitHub Exploit DB Packet Storm
196766 7.5 HIGH
Network 		bosch video_management_system_viewer
video_management_system 		A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects B… CWE-22
Path Traversal 		CVE-2020-6768 2024-11-21 14:36 2020-02-8 Show GitHub Exploit DB Packet Storm
196767 9.1 CRITICAL
Network 		bosch video_streaming_gateway
divar_ip_2000_firmware
divar_ip_5000_firmware 		Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streami… CWE-306
Missing Authentication for Critical Function 		CVE-2020-6769 2024-11-21 14:36 2020-02-8 Show GitHub Exploit DB Packet Storm
196768 9.8 CRITICAL
Network 		schmid-telecom zi_620_v400_firmware Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping. CWE-78
OS Command  		CVE-2020-6760 2024-11-21 14:36 2020-02-7 Show GitHub Exploit DB Packet Storm
196769 6.5 MEDIUM
Network 		sos-berlin jobscheduler An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of t… CWE-776
XML Entity Expansion 		CVE-2020-6856 2024-11-21 14:36 2020-02-7 Show GitHub Exploit DB Packet Storm
196770 6.5 MEDIUM
Network 		sos-berlin jobscheduler A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to parameterize housekeeping jobs in a way that exhausts system resources and … CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-6855 2024-11-21 14:36 2020-02-7 Show GitHub Exploit DB Packet Storm