Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228491	7.5	危険	PreProject.com	-	PreProjects.com Pre Hotels & Resorts Management System の user_login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0744	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

228492	7.5	危険	powerscripts	-	PowerScripts PowerNews におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0742	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

228493	7.5	危険	shoppingtree	-	CP の admin/SA_shipFedExMeter.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0739	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

228494	7.5	危険	shoppingtree	-	CP における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0738	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

228495	7.5	危険	shoppingtree	-	CP の admin/utilities_ConfigHelp.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0737	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

228496	5	警告	shoppingtree	-	CP の admin/SA_shipFedExMeter.asp におけるパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0736	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

228497	10	危険	titan	-	Titan FTP Server の FTP サービスなどにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0725	2012-12-20 18:34	2008-02-11	Show	GitHub Exploit DB Packet Storm

228498	5	警告	the everything development company	-	The Everything Development System の The Everything Development Engine におけるユーザアカウントへアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-0724	2012-12-20 18:34	2008-02-11	Show	GitHub Exploit DB Packet Storm

228499	4.3	警告	planetluc	-	MyNews の mynews.inc.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0723	2012-12-20 18:34	2008-02-11	Show	GitHub Exploit DB Packet Storm

228500	4.3	警告	Webmin Project	-	Webmin および Usermin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0720	2012-12-20 18:34	2008-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195851	9.8	CRITICAL Network	fortinet	fortimail fortivoice	An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a l…	CWE-287 Improper Authentication	CVE-2020-9294	2024-11-21 14:40	2020-04-28	Show	GitHub Exploit DB Packet Storm

195852	3.7	LOW Network	apache oracle debian qos	log4j flexcube_private_banking retail_integration_bus flexcube_core_banking peoplesoft_enterprise_peopletools weblogic_server utilities_framework primavera_unifier retail_cust…	Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log mess…	CWE-295 Improper Certificate Validation	CVE-2020-9488	2024-11-21 14:40	2020-04-28	Show	GitHub Exploit DB Packet Storm

195853	5.5	MEDIUM Local	apache oracle	tika flexcube_private_banking primavera_unifier webcenter_portal communications_messaging_server	A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3P…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-9489	2024-11-21 14:40	2020-04-27	Show	GitHub Exploit DB Packet Storm

195854	9.8	CRITICAL Network	dlink	dsl-2640b_firmware	An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take fu…	CWE-798 Use of Hard-coded Credentials	CVE-2020-9279	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm

195855	9.1	CRITICAL Network	dlink	dsl-2640b_firmware	An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.	CWE-306 Missing Authentication for Critical Function	CVE-2020-9278	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm

195856	9.8	CRITICAL Network	dlink	dsl-2640b_firmware	An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin pas…	CWE-287 Improper Authentication	CVE-2020-9277	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm

195857	8.8	HIGH Network	dlink	dsl-2640b_firmware	An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which processes cgi requests supplied to the device's web servers, is vulnerable to a remotely exploitable stac…	CWE-787 Out-of-bounds Write	CVE-2020-9276	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm

195858	9.8	CRITICAL Network	dlink	dsl-2640b_firmware	An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials.	CWE-306 Missing Authentication for Critical Function	CVE-2020-9275	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm

195859	6.1	MEDIUM Network	zulip	zulip_server	Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality.	CWE-79 Cross-site Scripting	CVE-2020-9445	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm

195860	6.1	MEDIUM Network	zulip	zulip_server	Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality.	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2020-9444	2024-11-21 14:40	2020-04-21	Show	GitHub Exploit DB Packet Storm