Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227691	5	警告	yerba	-	Yerba SACphp におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5867	2012-12-20 19:10	2009-01-7	Show	GitHub Exploit DB Packet Storm

227692	10	危険	proxim	-	Proxim Wireless Tsunami における重要な情報を取得される脆弱性	CWE-94 コード・インジェクション	CVE-2008-5866	2012-12-20 19:10	2009-01-7	Show	GitHub Exploit DB Packet Storm

227693	7.5	危険	v-gn	-	wBB 用の Userlocator モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5863	2012-12-20 19:10	2009-01-6	Show	GitHub Exploit DB Packet Storm

227694	5	警告	webcamxp	-	webcamXP におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5862	2012-12-20 19:10	2009-01-6	Show	GitHub Exploit DB Packet Storm

227695	4	警告	シックス・アパート株式会社	-	Six Apart MT におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5846	2012-12-20 19:10	2009-01-5	Show	GitHub Exploit DB Packet Storm

227696	7.5	危険	phpicalendar	-	PHP iCalendar における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5840	2012-12-20 19:10	2009-01-5	Show	GitHub Exploit DB Packet Storm

227697	6.8	警告	web scribble solutions	-	Web Scribble Solutions webClassifieds の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5817	2012-12-20 19:10	2009-01-2	Show	GitHub Exploit DB Packet Storm

227698	7.5	危険	phpalumni	-	phpAlumni の Acomment.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5815	2012-12-20 19:10	2009-01-2	Show	GitHub Exploit DB Packet Storm

227699	7.5	危険	SPIP	-	SPIP の inc/rubriques.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5813	2012-12-20 19:10	2008-12-24	Show	GitHub Exploit DB Packet Storm

227700	10	危険	SPIP	-	SPIP における脆弱性	CWE-noinfo 情報不足	CVE-2008-5812	2012-12-20 19:10	2008-12-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209401	9.8	CRITICAL Network	lua	lua	Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.	CWE-125 Out-of-bounds Read	CVE-2020-15889	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209402	8.8	HIGH Network	lua	lua	Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.	CWE-125 CWE-787 CWE-416 Out-of-bounds Read Out-of-bounds Write Use After Free	CVE-2020-15888	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209403	7.8	HIGH Local	360totalsecurity	360_total_security	In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacki…	CWE-427 Uncontrolled Search Path Element	CVE-2020-15724	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209404	7.8	HIGH Local	360totalsecurity	360_total_security	In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who …	CWE-427 Uncontrolled Search Path Element	CVE-2020-15723	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209405	7.8	HIGH Local	360totalsecurity	360_total_security	In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking could e…	CWE-427 Uncontrolled Search Path Element	CVE-2020-15722	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209406	7.5	HIGH Network	bitwarden	server	Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8,…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-15879	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209407	8.8	HIGH Network	librenms	librenms	An issue was discovered in LibreNMS before 1.65.1. It has insufficient access control for normal users because of "'guard' => 'admin'" instead of "'middleware' => ['can:admin']" in routes/web.php.	NVD-CWE-noinfo	CVE-2020-15877	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209408	6.5	MEDIUM Network	librenms	librenms	In LibreNMS before 1.65.1, an authenticated attacker can achieve SQL Injection via the customoid.inc.php device_id POST parameter to ajax_form.php.	CWE-89 SQL Injection	CVE-2020-15873	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209409	3.3	LOW Local	qemu debian	qemu debian_linux	QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.	CWE-416 Use After Free	CVE-2020-15859	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

209410	9.8	CRITICAL Network	mruby debian	mruby debian_linux	mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.	CWE-787 Out-of-bounds Write	CVE-2020-15866	2024-11-21 14:06	2020-07-22	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed