Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228971	5	警告	Webkit	-	WebKit の WebCore における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6059	2012-12-20 19:10	2008-11-18	Show	GitHub Exploit DB Packet Storm

228972	6	警告	tangocms	-	TangoCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-6048	2012-12-20 19:10	2008-12-16	Show	GitHub Exploit DB Packet Storm

228973	7.5	危険	PreProject.com	-	PHP JOBWEBSITE PRO の siteadmin/forgot.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5977	2012-12-20 19:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

228974	4.3	警告	PreProject.com	-	PHP JOBWEBSITE PRO の siteadmin/forgot.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5976	2012-12-20 19:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

228975	7.5	危険	sunbyte	-	Sunbyte e-Flower の popupproduct.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5969	2012-12-20 19:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

228976	7.5	危険	phpicalendar	-	PHP iCalendar の print.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5968	2012-12-20 19:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

228977	7.5	危険	phpicalendar	-	PHP iCalendar の admin/index.php における任意のコンテンツを含むカレンダーファイルをアップロードされる脆弱性	CWE-287 不適切な認証	CVE-2008-5967	2012-12-20 19:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

228978	4.3	警告	Tribal Ltd.	-	Tribiq CMS Community の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5961	2012-12-20 19:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

228979	7.5	危険	Tribal Ltd.	-	Tribiq CMS Community の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5960	2012-12-20 19:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

228980	5	警告	phpstreet	-	Wbstreet におけるデータベースの資格情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5956	2012-12-20 19:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
208661	5.5	MEDIUM Local	huawei	honor_v30_firmware	Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another applicati…	CWE-287 Improper Authentication	CVE-2020-1788	2024-11-21 14:11	2020-01-22	Show	GitHub Exploit DB Packet Storm

208662	6.0	MEDIUM Local	huawei	mate_20_firmware	HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to…	CWE-287 Improper Authentication	CVE-2020-1840	2024-11-21 14:11	2020-01-22	Show	GitHub Exploit DB Packet Storm

208663	7.5	HIGH Network	apache	beam	The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables t…	CWE-295 Improper Certificate Validation	CVE-2020-1929	2024-11-21 14:11	2020-01-16	Show	GitHub Exploit DB Packet Storm

208664	4.3	MEDIUM Network	otrs debian	otrs debian_linux	Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that…	NVD-CWE-Other	CVE-2020-1767	2024-11-21 14:11	2020-01-11	Show	GitHub Exploit DB Packet Storm

208665	6.1	MEDIUM Network	otrs debian	otrs debian_linux	Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as…	CWE-79 Cross-site Scripting	CVE-2020-1766	2024-11-21 14:11	2020-01-11	Show	GitHub Exploit DB Packet Storm

208666	5.3	MEDIUM Network	otrs debian opensuse	otrs debian_linux leap backports_sle	An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue a…	NVD-CWE-Other	CVE-2020-1765	2024-11-21 14:11	2020-01-11	Show	GitHub Exploit DB Packet Storm

208667	7.5	HIGH Network	apache	olingo	Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to impleme…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-1925	2024-11-21 14:11	2020-01-10	Show	GitHub Exploit DB Packet Storm

208668	5.3	MEDIUM Network	huawei	cloudengine_12800_firmware s5700_firmware s6700_firmware	There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attacker…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-1810	2024-11-21 14:11	2020-01-10	Show	GitHub Exploit DB Packet Storm

208669	4.6	MEDIUM Physics	huawei	mate_20_pro_firmware	HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. The software does not sufficiently validate the name of apk file in a specia…	CWE-287 Improper Authentication	CVE-2020-1786	2024-11-21 14:11	2020-01-10	Show	GitHub Exploit DB Packet Storm

208670	4.4	MEDIUM Local	huawei	honor_magic2_firmware	Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Due to a module using weak encryption tool, an attacker with the root perm…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-1826	2024-11-21 14:11	2020-01-10	Show	GitHub Exploit DB Packet Storm