Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227761 9.3 危険 watchfire - WatchFire AppScan の特定の ActiveX コントロールにおける絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2015 2012-12-20 18:52 2008-04-29 Show GitHub Exploit DB Packet Storm
227762 6.8 警告 pnflashgames - PostNuke 用の pnFlashGames モジュールの index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2013 2012-12-20 18:52 2008-04-29 Show GitHub Exploit DB Packet Storm
227763 7.5 危険 postnuke software foundation - PostNuke 用の PostSchedule モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2012 2012-12-20 18:52 2008-04-29 Show GitHub Exploit DB Packet Storm
227764 7.5 危険 サン・マイクロシステムズ - Sun Java System Directory Proxy Server におけるサーバに対するアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1995 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227765 4.3 警告 pixel motion - Blog Pixel Motion の liste_article.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1986 2012-12-20 18:52 2008-04-27 Show GitHub Exploit DB Packet Storm
227766 8.5 危険 サン・マイクロシステムズ - Sun Ray Kiosk Mode におけるルートの権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-2112 2012-12-20 18:52 2008-05-5 Show GitHub Exploit DB Packet Storm
227767 9.3 危険 Yahoo! - Yahoo! Assistant の ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2008-2111 2012-12-20 18:52 2008-05-7 Show GitHub Exploit DB Packet Storm
227768 7.5 危険 qto - QTOFileManager の qtofm.php における任意の PHP コードをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2110 2012-12-20 18:52 2008-05-7 Show GitHub Exploit DB Packet Storm
227769 7.5 危険 phpforge - PHP Forge の admin/news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2088 2012-12-20 18:52 2008-05-6 Show GitHub Exploit DB Packet Storm
227770 6.8 警告 softbiz - Softbiz Web Host Directory Script の search_result.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2087 2012-12-20 18:52 2008-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209851 4.3 MEDIUM
Physics 		yubico libykpiv
piv_tool_manager
yubikey_smart_card_minidriver 		An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library (which is included in yubico-piv-tool) does not properly check embedded length fields during device communication. … CWE-125
Out-of-bounds Read 		CVE-2020-13131 2024-11-21 14:00 2020-07-10 Show GitHub Exploit DB Packet Storm
209852 9.8 CRITICAL
Network 		protocol gossipsub Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack. NVD-CWE-noinfo
CVE-2020-12821 2024-11-21 14:00 2020-07-8 Show GitHub Exploit DB Packet Storm
209853 7.2 HIGH
Network 		code42 code42 Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local (non-SSO) user via a Code42-generated email, the… CWE-74
Injection 		CVE-2020-12736 2024-11-21 14:00 2020-07-8 Show GitHub Exploit DB Packet Storm
209854 8.8 HIGH
Network 		obdev little_snitch Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code execut… CWE-59
Link Following 		CVE-2020-13095 2024-11-21 14:00 2020-07-1 Show GitHub Exploit DB Packet Storm
209855 7.3 HIGH
Local 		boolebox boolebox BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-13247 2024-11-21 14:00 2020-06-25 Show GitHub Exploit DB Packet Storm
209856 5.4 MEDIUM
Network 		boolebox boolebox BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. CWE-79
Cross-site Scripting 		CVE-2020-13248 2024-11-21 14:00 2020-06-25 Show GitHub Exploit DB Packet Storm
209857 5.7 MEDIUM
Adjacent 		sane-project
canonical
opensuse 		sane_backends
ubuntu_linux
leap 		A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. CWE-476
 NULL Pointer Dereference 		CVE-2020-12866 2024-11-21 14:00 2020-06-24 Show GitHub Exploit DB Packet Storm
209858 8.0 HIGH
Adjacent 		sane-project
debian
canonical
opensuse 		sane_backends
debian_linux
ubuntu_linux
leap 		A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. CWE-787
 Out-of-bounds Write 		CVE-2020-12865 2024-11-21 14:00 2020-06-24 Show GitHub Exploit DB Packet Storm
209859 4.3 MEDIUM
Adjacent 		sane-project
opensuse
canonical 		sane_backends
leap
ubuntu_linux 		An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the prog… CWE-125
Out-of-bounds Read 		CVE-2020-12864 2024-11-21 14:00 2020-06-24 Show GitHub Exploit DB Packet Storm
209860 4.3 MEDIUM
Adjacent 		sane-project
debian
canonical
opensuse 		sane_backends
debian_linux
ubuntu_linux
leap 		An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the prog… CWE-125
Out-of-bounds Read 		CVE-2020-12863 2024-11-21 14:00 2020-06-24 Show GitHub Exploit DB Packet Storm