Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228691	7.5	危険	realm project	-	Realm CMS の _RealmAdmin/login.asp における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2682	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228692	5	警告	realm project	-	Realm CMS における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-2681	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228693	4.3	警告	realm project	-	Realm CMS の _db/compact.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2680	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228694	7.5	危険	realm project	-	Realm CMS の _includes/inc_routines.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2679	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228695	7.5	危険	telephone	-	Telephone Directory 2008 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2678	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228696	4.3	警告	telephone	-	Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2677	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228697	4.3	警告	softcomplex	-	PHP Image Gallery の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2675	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228698	7.5	危険	Powie	-	Powie pNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2673	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

228699	7.5	危険	y-blog	-	yBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2669	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

228700	4.3	警告	y-blog	-	yBlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2668	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209001	6.1	MEDIUM Network	themeinprogress	nova_lite	search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.	CWE-79 Cross-site Scripting	CVE-2020-17362	2024-11-21 14:07	2020-08-13	Show	GitHub Exploit DB Packet Storm

209002	5.5	MEDIUM Local	readytalk	avian	An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided (instead of throwing an exception). This c…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2020-17361	2024-11-21 14:07	2020-08-13	Show	GitHub Exploit DB Packet Storm

209003	7.8	HIGH Local	readytalk	avian	An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/writ…	CWE-125 CWE-787 CWE-190 Out-of-bounds Read Out-of-bounds Write Integer Overflow or Wraparound	CVE-2020-17360	2024-11-21 14:07	2020-08-13	Show	GitHub Exploit DB Packet Storm

209004	5.3	MEDIUM Network	sugarcrm	sugarcrm	SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection.	CWE-89 SQL Injection	CVE-2020-17373	2024-11-21 14:07	2020-08-12	Show	GitHub Exploit DB Packet Storm

209005	5.4	MEDIUM Network	sugarcrm	sugarcrm	SugarCRM before 10.1.0 (Q3 2020) allows XSS.	CWE-79 Cross-site Scripting	CVE-2020-17372	2024-11-21 14:07	2020-08-12	Show	GitHub Exploit DB Packet Storm

209006	5.4	MEDIUM Network	mantisbt	mantisbt	An XSS issue was discovered in MantisBT before 2.24.2. Improper escaping on view_all_bug_page.php allows a remote attacker to inject arbitrary HTML into the page by saving it into a text Custom Field…	CWE-79 Cross-site Scripting	CVE-2020-16266	2024-11-21 14:07	2020-08-12	Show	GitHub Exploit DB Packet Storm

209007	9.8	CRITICAL Network	firejail_project debian fedoraproject opensuse	firejail debian_linux fedora leap	Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.	CWE-78 OS Command	CVE-2020-17368	2024-11-21 14:07	2020-08-12	Show	GitHub Exploit DB Packet Storm

209008	7.8	HIGH Local	firejail_project debian fedoraproject opensuse	firejail debian_linux fedora leap	Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.	CWE-88 Argument Injection	CVE-2020-17367	2024-11-21 14:07	2020-08-12	Show	GitHub Exploit DB Packet Storm

209009	6.1	MEDIUM Network	carson-saint	saint_security_suite	A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user…	CWE-79 Cross-site Scripting	CVE-2020-16278	2024-11-21 14:07	2020-08-11	Show	GitHub Exploit DB Packet Storm

209010	8.8	HIGH Network	carson-saint	saint_security_suite	An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.	CWE-89 SQL Injection	CVE-2020-16277	2024-11-21 14:07	2020-08-11	Show	GitHub Exploit DB Packet Storm