Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227641	4.3	警告	xrms crm	-	XRMS CRM の admin/users/self.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1129	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227642	6.8	警告	phpmytourney	-	phpMyTourney の tourney/index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1128	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227643	5	警告	podcast generator	-	Podcast Generator におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1125	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227644	6.8	警告	podcast generator	-	Podcast Generator における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1124	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227645	6.8	警告	sitebuilder	-	SiteBuilder Elite における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1123	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227646	9.3	危険	rising antivirus international	-	Rising Antivirus Online Scanner の Web Scan Object ActiveX コントロールにおける任意のコードを強制的にダウンロードされる脆弱性	CWE-DesignError	CVE-2008-1116	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227647	7.8	危険	Vocera	-	Cisco Unified Wireless IP Phone 7921 におけるハッシュされたパスワードを盗まれる脆弱性	CWE-200 情報漏えい	CVE-2008-1113	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

227648	6.8	警告	Xine	-	xine-lib の xineplug_dmx_asf.so プラグインにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1110	2012-12-20 18:34	2008-02-29	Show	GitHub Exploit DB Packet Storm

227649	6.8	警告	quantum game library	-	Quantum Game Library における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1069	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

227650	6.8	警告	portail web php	-	Portail Web Php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1068	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210131	9.8	CRITICAL Network	3xlogic	infinias_eidc32_firmware infinias_eidc32_web	3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.	CWE-287 CWE-319 Improper Authentication Cleartext Transmission of Sensitive Information	CVE-2020-11542	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210132	5.5	MEDIUM Local	ivanti	workspace_control	Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).	NVD-CWE-noinfo	CVE-2020-11533	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210133	6.1	MEDIUM Network	getgrav	grav	Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.	CWE-601 Open Redirect	CVE-2020-11529	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210134	7.5	HIGH Network	bit2spr_project	bit2spr	bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.	CWE-787 Out-of-bounds Write	CVE-2020-11528	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210135	7.5	HIGH Network	zohocorp	manageengine_opmanager	In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.	NVD-CWE-noinfo	CVE-2020-11527	2024-11-21 13:58	2020-04-5	Show	GitHub Exploit DB Packet Storm

210136	9.8	CRITICAL Network	zohocorp	manageengine_adselfservice_plus	Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.	NVD-CWE-noinfo	CVE-2020-11518	2024-11-21 13:58	2020-04-4	Show	GitHub Exploit DB Packet Storm

210137	7.4	HIGH Network	gnu debian opensuse canonical fedoraproject	gnutls debian_linux leap ubuntu_linux fedora	GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' by…	CWE-330 Use of Insufficiently Random Values	CVE-2020-11501	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

210138	7.5	HIGH Network	zoom	meetings	Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key.	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-11500	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

210139	6.1	MEDIUM Network	firmware_analysis_and_comparison_tool_project	firmware_analysis_and_comparison_tool	Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFuncti…	CWE-79 Cross-site Scripting	CVE-2020-11499	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

210140	8.8	HIGH Network	slack	nebula	Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can…	CWE-22 Path Traversal	CVE-2020-11498	2024-11-21 13:58	2020-04-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed