Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227291	6.8	警告	yourownbux	-	YourOwnBux の memberstats.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4093	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227292	6.8	警告	source workshop	-	Web Directory Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4091	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227293	7.5	危険	source workshop	-	Reciprocal Links Manager の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4086	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227294	4.4	警告	stephenjungels	-	Plait の plaiter における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4085	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227295	7.5	危険	stash	-	Stash の admin/login.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-4081	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227296	6.8	警告	stash	-	Stash における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4080	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227297	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4074	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227298	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4073	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227299	7.5	危険	phsdev	-	phsBlog の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4072	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

227300	7.5	危険	texmedia	-	Million Pixel Script の tops_top.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4055	2012-12-20 18:52	2008-09-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210151	7.3	HIGH Local	beckhoff	twincat_extended_automation_runtime	The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions whic…	CWE-276 Incorrect Default Permissions	CVE-2020-12510	2024-11-21 13:59	2020-11-20	Show	GitHub Exploit DB Packet Storm

210152	6.5	MEDIUM Network	endress	rsg35_firmware rsg45_firmware orsg35_firmware orsg45_firmware	Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and Memograph M (Neutral/Private Label) (RSG45, ORSG45) with Firmware version V2.0.0 and above is prone to exposure of sensitive info…	CWE-200 Information Exposure	CVE-2020-12496	2024-11-21 13:59	2020-11-20	Show	GitHub Exploit DB Packet Storm

210153	8.8	HIGH Network	endress	rsg35_firmware rsg45_firmware orsg35_firmware orsg45_firmware	Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) with Firmware version prior to V2.0.0 is prone to improper privilege management. The affected device has a web-based user interface w…	CWE-269 Improper Privilege Management	CVE-2020-12495	2024-11-21 13:59	2020-11-20	Show	GitHub Exploit DB Packet Storm

210154	7.5	HIGH Network	symantec	endpoint_detection_and_response	Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.	NVD-CWE-noinfo	CVE-2020-12593	2024-11-21 13:59	2020-11-19	Show	GitHub Exploit DB Packet Storm

210155	9.8	CRITICAL Network	intel	open_webrtc_toolkit	Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.	NVD-CWE-Other	CVE-2020-12338	2024-11-21 13:59	2020-11-14	Show	GitHub Exploit DB Packet Storm

210156	8.8	HIGH Adjacent	intel	proset\/wireless_wifi	Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent …	NVD-CWE-noinfo	CVE-2020-12313	2024-11-21 13:59	2020-11-14	Show	GitHub Exploit DB Packet Storm

210157	6.5	MEDIUM Network	intel	data_center_manager	Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access.	CWE-281 Improper Preservation of Permissions	CVE-2020-12353	2024-11-21 13:59	2020-11-13	Show	GitHub Exploit DB Packet Storm

210158	7.8	HIGH Local	intel	extreme_tuning_utility	Improper access control in the Intel(R) XTU before version 6.5.1.360 may allow an authenticated user to potentially enable escalation of privilege via local access.	NVD-CWE-noinfo	CVE-2020-12350	2024-11-21 13:59	2020-11-13	Show	GitHub Exploit DB Packet Storm

210159	6.5	MEDIUM Network	intel	data_center_manager	Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.	CWE-20 Improper Input Validation	CVE-2020-12349	2024-11-21 13:59	2020-11-13	Show	GitHub Exploit DB Packet Storm

210160	8.8	HIGH Network	intel	data_center_manager	Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via network access.	CWE-20 Improper Input Validation	CVE-2020-12347	2024-11-21 13:59	2020-11-13	Show	GitHub Exploit DB Packet Storm