Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229141 7.5 危険 sg real estate portal - SG Real Estate Portal における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6009 2012-12-20 19:10 2009-01-30 Show GitHub Exploit DB Packet Storm
229142 7.5 危険 quidascript - APB の view_group.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6007 2012-12-20 19:10 2009-01-30 Show GitHub Exploit DB Packet Storm
229143 10 危険 W3C - W3C Amaya Web Browser の CheckUniqueName 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6005 2012-12-20 19:10 2009-01-28 Show GitHub Exploit DB Packet Storm
229144 7.1 危険 web-cp - web-cp の sendfile.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6002 2012-12-20 19:10 2009-01-28 Show GitHub Exploit DB Packet Storm
229145 4.3 警告 TYPO3 Association - TYPO3 用の freeCap CAPTCHA エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5995 2012-12-20 19:10 2009-01-28 Show GitHub Exploit DB Packet Storm
229146 6.8 警告 phpcounter - PHPcounter の defs.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5989 2012-12-20 19:10 2009-01-28 Show GitHub Exploit DB Packet Storm
229147 5 警告 Webkit - WebKit の WebCore における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6059 2012-12-20 19:10 2008-11-18 Show GitHub Exploit DB Packet Storm
229148 6 警告 tangocms - TangoCMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6048 2012-12-20 19:10 2008-12-16 Show GitHub Exploit DB Packet Storm
229149 7.5 危険 PreProject.com - PHP JOBWEBSITE PRO の siteadmin/forgot.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5977 2012-12-20 19:10 2009-01-26 Show GitHub Exploit DB Packet Storm
229150 4.3 警告 PreProject.com - PHP JOBWEBSITE PRO の siteadmin/forgot.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5976 2012-12-20 19:10 2009-01-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221701 5.3 MEDIUM
Network 		atlassian jira
jira_software_data_center
jira_server
jira_data_center 		The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affec… NVD-CWE-noinfo
CVE-2019-20899 2024-11-21 13:39 2020-07-13 Show GitHub Exploit DB Packet Storm
221702 7.5 HIGH
Network 		atlassian jira_software_data_center
jira 		Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions a… NVD-CWE-noinfo
CVE-2019-20898 2024-11-21 13:39 2020-07-13 Show GitHub Exploit DB Packet Storm
221703 6.5 MEDIUM
Network 		atlassian jira
jira_software_data_center
jira_server
jira_data_center 		The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service via a crafted PNG file. The affected versions are before v… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-20897 2024-11-21 13:39 2020-07-13 Show GitHub Exploit DB Packet Storm
221704 9.8 CRITICAL
Network 		webchess_project webchess WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter. CWE-89
SQL Injection 		CVE-2019-20896 2024-11-21 13:39 2020-07-8 Show GitHub Exploit DB Packet Storm
221705 7.5 HIGH
Network 		traefik traefik Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. CWE-295
Improper Certificate Validation  		CVE-2019-20894 2024-11-21 13:39 2020-07-3 Show GitHub Exploit DB Packet Storm
221706 9.8 CRITICAL
Network 		activision call_of_duty_modern_warfare_2 An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by usin… CWE-120
Classic Buffer Overflow 		CVE-2019-20893 2024-11-21 13:39 2020-06-30 Show GitHub Exploit DB Packet Storm
221707 6.5 MEDIUM
Network 		net-snmp
oracle 		net-snmp
zfs_storage_appliance_kit 		net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Li… CWE-415
 Double Free 		CVE-2019-20892 2024-11-21 13:39 2020-06-25 Show GitHub Exploit DB Packet Storm
221708 8.8 HIGH
Network 		woocommerce woocommerce WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery (CSRF) issue with resultant stored cross-site scripting (XSS) via includes/admin/importers/class-wc… CWE-352
 Origin Validation Error 		CVE-2019-20891 2024-11-21 13:39 2020-06-20 Show GitHub Exploit DB Packet Storm
221709 4.3 MEDIUM
Network 		mattermost mattermost_server An issue was discovered in Mattermost Server before 5.7. It allows a bypass of e-mail address discovery restrictions. NVD-CWE-noinfo
CVE-2019-20890 2024-11-21 13:39 2020-06-20 Show GitHub Exploit DB Packet Storm
221710 5.3 MEDIUM
Network 		mattermost mattermost_server An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token creation. CWE-276
Incorrect Default Permissions  		CVE-2019-20889 2024-11-21 13:39 2020-06-20 Show GitHub Exploit DB Packet Storm