Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229421 7.5 危険 PreProject.com - Pre Multi-Vendor Shopping Malls における管理アクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-6228 2012-12-20 19:10 2009-02-20 Show GitHub Exploit DB Packet Storm
229422 7.5 危険 PreProject.com - Pre Multi-Vendor Shopping Malls の buyer_detail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6227 2012-12-20 19:10 2009-02-20 Show GitHub Exploit DB Packet Storm
229423 6.8 警告 PreProject.com - Pre Projects PHP Auto Listings Script の moreinfo.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6226 2012-12-20 19:10 2009-02-20 Show GitHub Exploit DB Packet Storm
229424 7.5 危険 samelinux - WOTW の visualizza.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6224 2012-12-20 19:10 2009-02-20 Show GitHub Exploit DB Packet Storm
229425 7.5 危険 wotw - WOTW の visualizza.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6223 2012-12-20 19:10 2009-02-20 Show GitHub Exploit DB Packet Storm
229426 7.5 危険 Cafuego - SDMS の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6220 2012-12-20 19:10 2009-02-20 Show GitHub Exploit DB Packet Storm
229427 4.3 警告 php-stats - Php-Stats の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6212 2012-12-20 19:10 2009-02-19 Show GitHub Exploit DB Packet Storm
229428 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech Software Zone の view_product.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6209 2012-12-20 19:10 2009-02-19 Show GitHub Exploit DB Packet Storm
229429 8.5 危険 phpg upload - PHPG Upload の form_upload.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6207 2012-12-20 19:10 2009-02-19 Show GitHub Exploit DB Packet Storm
229430 7.5 危険 RobotStats - RobotStats における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6206 2012-12-20 19:10 2009-02-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208611 9.8 CRITICAL
Network 		online_bus_booking_system_project online_bus_booking_system Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can … CWE-89
SQL Injection 		CVE-2020-25889 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208612 7.5 HIGH
Network 		openldap
redhat
netapp 		openldap
enterprise_linux
cloud_backup
solidfire_baseboard_management_controller_firmware 		A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sen… - CVE-2020-25692 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208613 5.5 MEDIUM
Local 		ceph
redhat 		ceph-ansible
ceph_storage 		A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information with… - CVE-2020-25677 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208614 6.1 MEDIUM
Network 		moodle moodle A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" p… - CVE-2020-25631 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208615 7.5 HIGH
Network 		moodle moodle A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. This aff… - CVE-2020-25630 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208616 8.8 HIGH
Network 		moodle moodle A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as… CWE-862
 Missing Authorization 		CVE-2020-25629 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208617 6.1 MEDIUM
Network 		moodle moodle The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed i… - CVE-2020-25628 2024-11-21 14:18 2020-12-8 Show GitHub Exploit DB Packet Storm
208618 7.5 HIGH
Network 		moddable moddable Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service (SEGV). CWE-476
 NULL Pointer Dereference 		CVE-2020-25465 2024-11-21 14:18 2020-12-5 Show GitHub Exploit DB Packet Storm
208619 7.5 HIGH
Network 		moddable moddable Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. … CWE-787
 Out-of-bounds Write 		CVE-2020-25464 2024-11-21 14:18 2020-12-5 Show GitHub Exploit DB Packet Storm
208620 7.5 HIGH
Network 		moddable moddable Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV). NVD-CWE-Other
CVE-2020-25463 2024-11-21 14:18 2020-12-5 Show GitHub Exploit DB Packet Storm