Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228141	6	警告	taskfreak	-	TaskFreak! の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0270	2012-12-20 18:34	2008-01-15	Show	GitHub Exploit DB Packet Storm

228142	6.8	警告	wavelink media	-	TutorialCMS の activate.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0254	2012-12-20 18:34	2008-01-15	Show	GitHub Exploit DB Packet Storm

228143	5	警告	php webquest	-	PHP Webquest におけるデータベースの資格情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0249	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

228144	9.3	危険	streamaudio	-	StreamAudio ChainCast ProxyManager の ccpm_0237.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0248	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

228145	10	危険	uploadscript	-	UploadScript の admin.php における管理者の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0246	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

228146	7.5	危険	uploadscript	-	UploadImage の admin.php における管理者の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0245	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

228147	10	危険	SAP	-	SAP MaxDB における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-0244	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

228148	5.8	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager の /idm/user/login.jsp におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-0241	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228149	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager の /idm/help/index.jsp におけるフィッシング攻撃を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0240	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228150	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0239	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196031	8.8	HIGH Network	mastersoft	zook_agent zook_viewer	A buffer overflow issue was discovered in ZOOK solution(remote administration tool) through processing 'ConnectMe' command while parsing a crafted OUTERIP value because of missing boundary check. Thi…	CWE-120 Classic Buffer Overflow	CVE-2020-7877	2024-11-21 14:37	2021-09-7	Show	GitHub Exploit DB Packet Storm

196032	8.8	HIGH Network	raonwiz	raon_k_upload	A vulnerability in File Transfer Solution of Raonwiz could allow arbitrary command execution as the result of viewing a specially-crafted web page. This vulnerability is due to insufficient validatio…	CWE-20 Improper Input Validation	CVE-2020-7863	2024-11-21 14:37	2021-08-6	Show	GitHub Exploit DB Packet Storm

196033	5.4	MEDIUM Network	sage	syracuse	Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings the "First Name," "Last Name," and "Email Address" fields of this web application component…	CWE-79 Cross-site Scripting	CVE-2020-7390	2024-11-21 14:37	2021-07-23	Show	GitHub Exploit DB Packet Storm

196034	7.2	HIGH Network	sage	syracuse	Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configura…	CWE-78 OS Command	CVE-2020-7389	2024-11-21 14:37	2021-07-23	Show	GitHub Exploit DB Packet Storm

196035	9.8	CRITICAL Network	sage	adxadmin	Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While explo…	CWE-290 Authentication Bypass by Spoofing	CVE-2020-7388	2024-11-21 14:37	2021-07-23	Show	GitHub Exploit DB Packet Storm

196036	5.3	MEDIUM Network	sage	adxadmin	Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.exe component that reveals the installation directory of the product. Note that this vulner…	NVD-CWE-noinfo	CVE-2020-7387	2024-11-21 14:37	2021-07-23	Show	GitHub Exploit DB Packet Storm

196037	9.8	CRITICAL Network	tobesoft	xplatform	When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation	CWE-20 Improper Input Validation	CVE-2020-7866	2024-11-21 14:37	2021-07-20	Show	GitHub Exploit DB Packet Storm

196038	7.8	HIGH Local	hmtalk	daviewindy	DaviewIndy v8.98.7.0 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed format file that is mishandled by DaviewIndy. Attackers could exploit this a…	CWE-190 Integer Overflow or Wraparound	CVE-2020-7872	2024-11-21 14:37	2021-07-12	Show	GitHub Exploit DB Packet Storm

196039	7.2	HIGH Network	unidocs	ezpdf_reader ezpdf_editor	A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This vulnerability exists due to insufficient validation of the parameter.	CWE-787 Out-of-bounds Write	CVE-2020-7870	2024-11-21 14:37	2021-06-29	Show	GitHub Exploit DB Packet Storm

196040	8.8	HIGH Network	mastersoft	zook	An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to c…	CWE-20 Improper Input Validation	CVE-2020-7869	2024-11-21 14:37	2021-06-29	Show	GitHub Exploit DB Packet Storm