Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227671	7.5	危険	torrenttrader	-	TorrentTrader Classic の completed-advance.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4494	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

227672	7.5	危険	yourownbux	-	YourOwnBux の referrals.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4492	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

227673	10	危険	yerba	-	Yerba で使用される SACphp の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4486	2012-12-20 18:52	2008-10-7	Show	GitHub Exploit DB Packet Storm

227674	6.9	警告	Sympa	-	sympa の sympa.pl における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4476	2012-12-20 18:52	2008-10-7	Show	GitHub Exploit DB Packet Storm

227675	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Freelance Zone の view_cresume.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4469	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

227676	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Share Zone の view_news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4468	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

227677	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Toner Cart の show_series_ink.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4467	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

227678	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Cosmetics Zone の view_products_cat.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4466	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

227679	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech DVD Zone の view_mags.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4465	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

227680	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Mag Zone の view_mags.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4464	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209541	5.4	MEDIUM Network	cmsmadesimple	cms_made_simple	CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager page.	CWE-79 Cross-site Scripting	CVE-2020-14926	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

209542	3.2	LOW Local	qemu fedoraproject redhat	qemu fedora extra_packages_for_enterprise_linux enterprise_linux openstack_platform	An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the …	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-14394	2024-11-21 14:03	2022-08-18	Show	GitHub Exploit DB Packet Storm

209543	5.6	MEDIUM Local	redhat	jboss_a-mq	A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.	CWE-611 XXE	CVE-2020-14379	2024-11-21 14:03	2022-08-17	Show	GitHub Exploit DB Packet Storm

209544	7.5	HIGH Network	moodle	moodle	In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2020-14322	2024-11-21 14:03	2022-08-17	Show	GitHub Exploit DB Packet Storm

209545	8.8	HIGH Network	moodle	moodle	In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.	CWE-863 Incorrect Authorization	CVE-2020-14321	2024-11-21 14:03	2022-08-17	Show	GitHub Exploit DB Packet Storm

209546	6.1	MEDIUM Network	moodle	moodle	In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk.	CWE-79 Cross-site Scripting	CVE-2020-14320	2024-11-21 14:03	2022-08-17	Show	GitHub Exploit DB Packet Storm

209547	9.8	CRITICAL Network	mitsubishielectric	m_commdtm-hart gx_works3 gx_works2 gx_logviewer gt_softgot2000 gt_softgot1000 gt_designer3 fr_configurator2 ezsocket data_transfer cw_configurator cpu_module_logging_…	Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and e…	NVD-CWE-noinfo	CVE-2020-14496	2024-11-21 14:03	2022-05-20	Show	GitHub Exploit DB Packet Storm

209548	5.3	MEDIUM Network	inductiveautomation	ignition	Sensitive information can be obtained through the handling of serialized data. The issue results from the lack of proper authentication required to query the server	CWE-306 Missing Authentication for Critical Function	CVE-2020-14479	2024-11-21 14:03	2022-04-2	Show	GitHub Exploit DB Packet Storm

209549	5.3	MEDIUM Network	rockwellautomation	1734-aentr_point_i\/o_dual_port_network_adaptor_series_b_firmware 1734-aentr_point_i\/o_dual_port_network_adaptor_series_c_firmware	The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modificatio…	CWE-287 Improper Authentication	CVE-2020-14504	2024-11-21 14:03	2022-02-25	Show	GitHub Exploit DB Packet Storm

209550	6.1	MEDIUM Network	rockwellautomation	1734-aentr_point_i\/o_dual_port_network_adaptor_series_b_firmware 1734-aentr_point_i\/o_dual_port_network_adaptor_series_c_firmware	The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, c…	CWE-79 Cross-site Scripting	CVE-2020-14502	2024-11-21 14:03	2022-02-25	Show	GitHub Exploit DB Packet Storm