Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227351 6.5 警告 zeeways - Zeeways ZEEJOBSITE の editresume_next.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6913 2012-12-20 19:10 2009-08-7 Show GitHub Exploit DB Packet Storm
227352 7.5 危険 zeeways - Zeeways SHAADICLONE における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6912 2012-12-20 19:10 2009-08-7 Show GitHub Exploit DB Packet Storm
227353 10 危険 ソフォス - Linux 用の Sophos SAVScan におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-6904 2012-12-20 19:10 2009-08-5 Show GitHub Exploit DB Packet Storm
227354 4.3 警告 ソフォス - Sophos Anti-Virus などにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-6903 2012-12-20 19:10 2009-08-5 Show GitHub Exploit DB Packet Storm
227355 9.3 危険 SaschArt - SaschArt SasCam Webcam Server 用の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6898 2012-12-20 19:10 2009-08-5 Show GitHub Exploit DB Packet Storm
227356 4.3 警告 PreProject.com - Pre Classified Listings の signup.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6888 2012-12-20 19:10 2009-08-3 Show GitHub Exploit DB Packet Storm
227357 7.5 危険 PreProject.com - Pre Classified Listings の detailad.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6887 2012-12-20 19:10 2009-08-3 Show GitHub Exploit DB Packet Storm
227358 5 警告 RSAセキュリティ - RSA EnVision における管理者のパスワードハッシュを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6886 2012-12-20 19:10 2009-08-3 Show GitHub Exploit DB Packet Storm
227359 7.5 危険 scripts-for-sites - SFS EZ Career の content.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6867 2012-12-20 19:10 2009-07-14 Show GitHub Exploit DB Packet Storm
227360 7.5 危険 PHPNUKE - PHP-Nuke 用の Current_Issue モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6866 2012-12-20 19:10 2009-07-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201571 5.5 MEDIUM
Local 		google android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Any application may establish itself as the default dialer, without user interaction. The Samsung ID is SV… NVD-CWE-noinfo
CVE-2020-35549 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201572 5.5 MEDIUM
Local 		google android An issue was discovered in Finder on Samsung mobile devices with Q(10.0) software. A call to a non-existent provider allows attackers to cause a denial of service. The Samsung ID is SVE-2020-18629 (D… NVD-CWE-noinfo
CVE-2020-35548 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201573 5.3 MEDIUM
Network 		mediawiki
debian
fedoraproject 		mediawiki
debian_linux
fedora 		An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the vi… CWE-203
 Information Exposure Through Discrepancy 		CVE-2020-35480 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201574 6.1 MEDIUM
Network 		mediawiki
debian
fedoraproject 		mediawiki
debian_linux
fedora 		MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is alway… CWE-79
Cross-site Scripting 		CVE-2020-35479 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201575 6.1 MEDIUM
Network 		mediawiki
fedoraproject 		mediawiki
fedora 		MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink(). This affects MediaWiki … CWE-79
Cross-site Scripting 		CVE-2020-35478 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201576 5.3 MEDIUM
Network 		mediawiki
debian
fedoraproject 		mediawiki
debian_linux
fedora 		MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggl… CWE-670
 Always-Incorrect Control Flow Implementation 		CVE-2020-35477 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201577 7.5 HIGH
Network 		mediawiki
debian
fedoraproject 		mediawiki
debian_linux
fedora 		In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to ch… CWE-79
Cross-site Scripting 		CVE-2020-35475 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201578 6.1 MEDIUM
Network 		mediawiki
fedoraproject 		mediawiki
fedora 		In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that t… CWE-79
Cross-site Scripting 		CVE-2020-35474 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201579 9.8 CRITICAL
Network 		spotweb_project spotweb Time-based SQL injection exists in Spotweb 1.4.9 via the query string. CWE-89
SQL Injection 		CVE-2020-35545 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
201580 8.1 HIGH
Network 		fasterxml
netapp
debian
oracle 		jackson-databind
service_level_manager
debian_linux
webcenter_portal
application_testing_suite
banking_platform
agile_plm
sd-wan_edge
communications_services_gatekeeper
ret… 		FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-35491 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm