Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227921	4.9	警告	レッドハット	-	Fedora 上で稼動している Linux カーネルの utrace サブシステム用の特定の Fedora パッチにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-3832	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227922	5	警告	swfdec	-	Swfdec におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-3796	2012-12-20 18:52	2008-08-27	Show	GitHub Exploit DB Packet Storm

227923	6.8	警告	VideoLAN	-	VLC Media Player の modules/access/mms/mmstu.c 関数における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2008-3794	2012-12-20 18:52	2008-08-26	Show	GitHub Exploit DB Packet Storm

227924	6.8	警告	PicturesPro	-	PICTURESPRO Photo Cart における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3788	2012-12-20 18:52	2008-08-26	Show	GitHub Exploit DB Packet Storm

227925	4.3	警告	PicturesPro	-	PICTURESPRO Photo Cart の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3786	2012-12-20 18:52	2008-08-26	Show	GitHub Exploit DB Packet Storm

227926	7.5	危険	review-script	-	Five Star Review Script の recommend.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3780	2012-12-20 18:52	2008-08-26	Show	GitHub Exploit DB Packet Storm

227927	4.3	警告	review-script	-	Five Star Review Script の search/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3779	2012-12-20 18:52	2008-08-26	Show	GitHub Exploit DB Packet Storm

227928	7.5	危険	simasy	-	Simasy CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3774	2012-12-20 18:52	2008-08-22	Show	GitHub Exploit DB Packet Storm

227929	4.3	警告	vBulletin Solutions, Inc.	-	vBulletin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3773	2012-12-20 18:52	2008-08-18	Show	GitHub Exploit DB Packet Storm

227930	7.5	危険	turnkey web tools	-	Turnkey Web Tools SunShop Shopping Cart の class.ajax.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3768	2012-12-20 18:52	2008-08-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209351	5.4	MEDIUM Network	prestashop	prestashop	In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS paylo…	-	CVE-2020-15162	2024-11-21 14:04	2020-09-25	Show	GitHub Exploit DB Packet Storm

209352	9.8	CRITICAL Network	prestashop	prestashop	PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8	CWE-89 SQL Injection	CVE-2020-15160	2024-11-21 14:04	2020-09-25	Show	GitHub Exploit DB Packet Storm

209353	6.1	MEDIUM Network	prestashop	prestashop	In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8	-	CVE-2020-15161	2024-11-21 14:04	2020-09-25	Show	GitHub Exploit DB Packet Storm

209354	10.0	CRITICAL Network	yiiframework	yii	Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaro…	-	CVE-2020-15148	2024-11-21 14:04	2020-09-16	Show	GitHub Exploit DB Packet Storm

209355	6.6	MEDIUM Network	xwiki	xwiki	In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instant…	CWE-74 Injection	CVE-2020-15171	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm

209356	5.5	MEDIUM Local	avast	antivirus	An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a log…	CWE-212 CWE-459 Improper Removal of Sensitive Information Before Storage or Transfer Incomplete Cleanup	CVE-2020-15024	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm

209357	6.1	MEDIUM Network	action_view_project debian fedoraproject	action_view debian_linux fedora	In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default…	-	CVE-2020-15169	2024-11-21 14:04	2020-09-12	Show	GitHub Exploit DB Packet Storm

209358	7.5	HIGH Network	zeromq fedoraproject debian	libzmq fedora debian_linux	In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and con…	-	CVE-2020-15166	2024-11-21 14:04	2020-09-12	Show	GitHub Exploit DB Packet Storm

209359	7.0	HIGH Network	ctrip	apollo	apollo-adminservice before version 1.7.1 does not implement access controls. If users expose apollo-adminservice to internet(which is not recommended), there are potential security issues since apoll…	NVD-CWE-Other	CVE-2020-15170	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm

209360	5.3	MEDIUM Network	node-fetch_project	node-fetch	node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get throw…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2020-15168	2024-11-21 14:04	2020-09-11	Show	GitHub Exploit DB Packet Storm