Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228401 6.4 警告 spyce - Spyce - PSP の spyce/examples/redirect.spy におけるオープンリダイレクトの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0981 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
228402 4.3 警告 spyce - Spyce - PSP におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0980 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
228403 4.3 警告 webgui - Plain Black WebGUI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0940 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
228404 7.5 危険 WordPress.org - WordPress 用の WPPA プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0939 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
228405 7.5 危険 the sword project - The SWORD Project Diatheke の diatheke.pl における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0932 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
228406 6.3 警告 xwine - Debian GNU/Linux 上で稼動する XWine の w_export.c における任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0931 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
228407 7.5 危険 PHPNUKE - PHP-Nuke 用の Manuales モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0922 2012-12-20 18:34 2008-02-22 Show GitHub Exploit DB Packet Storm
228408 4.3 警告 tendenci - Tendenci CMS の search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0793 2012-12-20 18:34 2008-02-14 Show GitHub Exploit DB Packet Storm
228409 4.3 警告 Simple Machines - SMF Shoutbox の sboxDB.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0775 2012-12-20 18:34 2008-02-13 Show GitHub Exploit DB Packet Storm
228410 7.5 危険 site2nite - Site2Nite の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0771 2012-12-20 18:34 2008-02-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195961 7.2 HIGH
Network 		tp-link tl-wr841n_firmware A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for th… CWE-120
Classic Buffer Overflow 		CVE-2020-8423 2024-11-21 14:38 2020-04-3 Show GitHub Exploit DB Packet Storm
195962 6.3 MEDIUM
Local 		opensuse texlive-filesystem
leap 		A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software … CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2020-8017 2024-11-21 14:38 2020-04-2 Show GitHub Exploit DB Packet Storm
195963 7.0 HIGH
Local 		opensuse texlive-filesystem A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Developme… - CVE-2020-8016 2024-11-21 14:38 2020-04-2 Show GitHub Exploit DB Packet Storm
195964 7.8 HIGH
Local 		exim exim A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exi… - CVE-2020-8015 2024-11-21 14:38 2020-04-2 Show GitHub Exploit DB Packet Storm
195965 7.8 HIGH
Local 		ui unifi_video In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsE… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-8146 2024-11-21 14:38 2020-04-2 Show GitHub Exploit DB Packet Storm
195966 6.5 MEDIUM
Network 		ui unifi_video The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belongi… NVD-CWE-noinfo
CVE-2020-8145 2024-11-21 14:38 2020-04-2 Show GitHub Exploit DB Packet Storm
195967 8.4 HIGH
Adjacent 		ui unifi_video The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure t… CWE-22
Path Traversal 		CVE-2020-8144 2024-11-21 14:38 2020-04-2 Show GitHub Exploit DB Packet Storm
195968 8.8 HIGH
Network 		auth0 login_by_auth0 An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference. NVD-CWE-Other
CVE-2020-7948 2024-11-21 14:38 2020-04-1 Show GitHub Exploit DB Packet Storm
195969 9.8 CRITICAL
Network 		auth0 login_by_auth0 An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. It has numerous fields that can contain data that is pulled from different sources. One issue with this is that the da… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-7947 2024-11-21 14:38 2020-04-1 Show GitHub Exploit DB Packet Storm
195970 7.5 HIGH
Network 		zohocorp manageengine_desktop_central Zoho ManageEngine Desktop Central before 10.0.483 allows unauthenticated users to access PDFGenerationServlet, leading to sensitive information disclosure. CWE-306
Missing Authentication for Critical Function 		CVE-2020-8509 2024-11-21 14:38 2020-03-31 Show GitHub Exploit DB Packet Storm