Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228591	5.8	警告	spyce	-	Spyce - PSP における重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2008-0982	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

228592	6.4	警告	spyce	-	Spyce - PSP の spyce/examples/redirect.spy におけるオープンリダイレクトの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0981	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

228593	4.3	警告	spyce	-	Spyce - PSP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0980	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

228594	4.3	警告	webgui	-	Plain Black WebGUI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0940	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

228595	7.5	危険	WordPress.org	-	WordPress 用の WPPA プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0939	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

228596	7.5	危険	the sword project	-	The SWORD Project Diatheke の diatheke.pl における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-0932	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

228597	6.3	警告	xwine	-	Debian GNU/Linux 上で稼動する XWine の w_export.c における任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0931	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

228598	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Manuales モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0922	2012-12-20 18:34	2008-02-22	Show	GitHub Exploit DB Packet Storm

228599	4.3	警告	tendenci	-	Tendenci CMS の search.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0793	2012-12-20 18:34	2008-02-14	Show	GitHub Exploit DB Packet Storm

228600	4.3	警告	Simple Machines	-	SMF Shoutbox の sboxDB.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0775	2012-12-20 18:34	2008-02-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195821	5.9	MEDIUM Network	tinxy	smart_wifi_door_lock_firmware	Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other words, door-access revocat…	CWE-294 Authentication Bypass by Capture-replay	CVE-2020-9438	2024-11-21 14:40	2020-06-24	Show	GitHub Exploit DB Packet Storm

195822	5.4	MEDIUM Network	fortinet	fortiwlc	An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Prof…	CWE-79 Cross-site Scripting	CVE-2020-9288	2024-11-21 14:40	2020-06-23	Show	GitHub Exploit DB Packet Storm

195823	5.3	MEDIUM Network	apache	archiva	Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login f…	CWE-74 Injection	CVE-2020-9495	2024-11-21 14:40	2020-06-20	Show	GitHub Exploit DB Packet Storm

195824	7.8	HIGH Local	huawei	fusionsphere_openstack	FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Success…	CWE-269 Improper Privilege Management	CVE-2020-9225	2024-11-21 14:40	2020-06-18	Show	GitHub Exploit DB Packet Storm

195825	7.8	HIGH Local	fabulatech	usb_for_remote_desktop	ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation via crafted IoCtl code related to a USB HID device.	NVD-CWE-noinfo	CVE-2020-9332	2024-11-21 14:40	2020-06-18	Show	GitHub Exploit DB Packet Storm

195826	7.5	HIGH Network	fortinet	fortimanager fortianalyzer	Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configu…	CWE-798 Use of Hard-coded Credentials	CVE-2020-9289	2024-11-21 14:40	2020-06-17	Show	GitHub Exploit DB Packet Storm

195827	6.1	MEDIUM Network	microfocus	arcsight_enterprise_security_manager_express	Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, Affecting versions 7.0.x, 7.2 and 7.2.1 . The vulnerabilities could be remotely exploited r…	CWE-79 Cross-site Scripting	CVE-2020-9522	2024-11-21 14:40	2020-06-16	Show	GitHub Exploit DB Packet Storm

195828	9.8	CRITICAL Network	netflix	conductor	Netflix Titus uses Java Bean Validation (JSR 380) custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Jav…	CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')	CVE-2020-9296	2024-11-21 14:40	2020-06-16	Show	GitHub Exploit DB Packet Storm

195829	5.0	MEDIUM Network	open-xchange	ox_guard	OX Guard 2.10.3 and earlier allows SSRF.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-9427	2024-11-21 14:40	2020-06-16	Show	GitHub Exploit DB Packet Storm

195830	6.1	MEDIUM Network	open-xchange	ox_guard	OX Guard 2.10.3 and earlier allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-9426	2024-11-21 14:40	2020-06-16	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed