Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228551 7.5 危険 PHPNUKE - PHP-Nuke 用の KutubiSitte モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1219 2012-12-20 18:34 2008-03-10 Show GitHub Exploit DB Packet Storm
228552 4.3 警告 podcast generator - Podcast Generator の set_permissions.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1212 2012-12-20 18:34 2008-03-7 Show GitHub Exploit DB Packet Storm
228553 9.3 危険 pnotepad - Programmer's Notepad の ctags parsing コードにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1210 2012-12-20 18:34 2008-03-7 Show GitHub Exploit DB Packet Storm
228554 4.3 警告 xitex - Xitex WebContent M1 の redirect.do におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1209 2012-12-20 18:34 2008-03-7 Show GitHub Exploit DB Packet Storm
228555 4.3 警告 サン・マイクロシステムズ - Sun Java System Access Manager の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1204 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
228556 7.1 危険 レッドハット - Red Hat Enterprise Linux のデフォルト IPSec ifup スクリプトにおける総当り攻撃を実行される脆弱性 CWE-16
環境設定 		CVE-2008-1198 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
228557 4.3 警告 torrenttrader - TorrentTrader Classic の TorrentTrader Classic におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1173 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
228558 4.3 警告 torrenttrader - TorrentTrader Classic の account-inbox.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-1172 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
228559 7.8 危険 simm-comm - SCI Photo Chat Server の組み込まれた HTTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1169 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
228560 4.3 警告 sarg - Sarg におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1168 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209181 5.4 MEDIUM
Network 		bloomreach experience_manager An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute of HTML ele… CWE-79
Cross-site Scripting 		CVE-2020-14988 2024-11-21 14:04 2021-03-12 Show GitHub Exploit DB Packet Storm
209182 7.2 HIGH
Network 		bloomreach experience_manager An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for adminis… CWE-74
CWE-862
Injection
 Missing Authorization 		CVE-2020-14987 2024-11-21 14:04 2021-03-12 Show GitHub Exploit DB Packet Storm
209183 9.1 CRITICAL
Network 		loklak_project loklak loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server contains a search index and a peer-to-peer index sharing interface. A… - CVE-2020-15097 2024-11-21 14:04 2021-02-3 Show GitHub Exploit DB Packet Storm
209184 9.8 CRITICAL
Network 		oracle utilities_framework
coherence 		Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1… NVD-CWE-noinfo
CVE-2020-14756 2024-11-21 14:04 2021-01-21 Show GitHub Exploit DB Packet Storm
209185 4.7 MEDIUM
Network 		oracle cloud_infrastructure_identity_and_access_management Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access … NVD-CWE-noinfo
CVE-2020-14874 2024-11-21 14:04 2020-12-23 Show GitHub Exploit DB Packet Storm
209186 5.9 MEDIUM
Network 		askey ap5100w_firmware Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exc… CWE-330
 Use of Insufficiently Random Values 		CVE-2020-15023 2024-11-21 14:04 2020-12-12 Show GitHub Exploit DB Packet Storm
209187 9.8 CRITICAL
Network 		oracle fusion_middleware Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.… NVD-CWE-noinfo
CVE-2020-14750 2024-11-21 14:04 2020-11-3 Show GitHub Exploit DB Packet Storm
209188 4.8 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS. CWE-79
Cross-site Scripting 		CVE-2020-15004 2024-11-21 14:04 2020-10-23 Show GitHub Exploit DB Packet Storm
209189 4.3 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access). NVD-CWE-noinfo
CVE-2020-15003 2024-11-21 14:04 2020-10-23 Show GitHub Exploit DB Packet Storm
209190 5.0 MEDIUM
Network 		open-xchange open-xchange_appsuite OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-15002 2024-11-21 14:04 2020-10-23 Show GitHub Exploit DB Packet Storm