Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229511 4.3 警告 yektaweb - AWT YEKTA におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2967 2012-12-20 18:52 2008-07-2 Show GitHub Exploit DB Packet Storm
229512 7.5 危険 researchguide - ResearchGuide の guide.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2964 2012-12-20 18:52 2008-07-2 Show GitHub Exploit DB Packet Storm
229513 2.6 注意 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2960 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
229514 5.8 警告 Edgewall Software - Trac の検索スクリプトにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2951 2012-12-20 18:52 2008-07-27 Show GitHub Exploit DB Packet Storm
229515 7.5 危険 freedesktop.org - Poppler の libpoppler における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2950 2012-12-20 18:52 2008-07-7 Show GitHub Exploit DB Packet Storm
229516 7.5 危険 サン・マイクロシステムズ - Sun Java System Access Manager および Sun Java System Identity Server における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2945 2012-12-20 18:52 2008-06-26 Show GitHub Exploit DB Packet Storm
229517 4.9 警告 レッドハット - RHEL などの Linux kernel の utrace サポートにおけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-2944 2012-12-20 18:52 2008-06-2 Show GitHub Exploit DB Packet Storm
229518 7.5 危険 レッドハット - Red Hat adminutil におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-2932 2012-12-20 18:52 2008-09-10 Show GitHub Exploit DB Packet Storm
229519 7.5 危険 Wafer - Webmatic における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2925 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229520 4.3 警告 Wafer - Webmatic におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2924 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209371 6.1 MEDIUM
Network 		zblogcn z-blogphp Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php." CWE-601
Open Redirect 		CVE-2020-18268 2024-11-21 14:08 2021-06-8 Show GitHub Exploit DB Packet Storm
209372 8.8 HIGH
Network 		simple-log_project simple-log Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_add_member". CWE-352
 Origin Validation Error 		CVE-2020-18265 2024-11-21 14:08 2021-06-8 Show GitHub Exploit DB Packet Storm
209373 8.8 HIGH
Network 		simple-log_project simple-log Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_edit_member". CWE-352
 Origin Validation Error 		CVE-2020-18264 2024-11-21 14:08 2021-06-8 Show GitHub Exploit DB Packet Storm
209374 8.8 HIGH
Network 		libjpeg-turbo libjpeg-turbo Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial… CWE-787
 Out-of-bounds Write 		CVE-2020-17541 2024-11-21 14:08 2021-06-2 Show GitHub Exploit DB Packet Storm
209375 7.5 HIGH
Network 		gnu gama A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs. CWE-476
 NULL Pointer Dereference 		CVE-2020-18395 2024-11-21 14:08 2021-05-29 Show GitHub Exploit DB Packet Storm
209376 5.5 MEDIUM
Local 		cesanta mjs Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file. CWE-674
 Uncontrolled Recursion 		CVE-2020-18392 2024-11-21 14:08 2021-05-29 Show GitHub Exploit DB Packet Storm
209377 4.8 MEDIUM
Network 		phpmywind phpmywind Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_switchshow" of component " /admin/web_config.php". CWE-79
Cross-site Scripting 		CVE-2020-18230 2024-11-21 14:08 2021-05-28 Show GitHub Exploit DB Packet Storm
209378 4.8 MEDIUM
Network 		phpmywind phpmywind Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_copyright" of component " /admin/web_config.php". CWE-79
Cross-site Scripting 		CVE-2020-18229 2024-11-21 14:08 2021-05-28 Show GitHub Exploit DB Packet Storm
209379 7.4 HIGH
Network 		apache fineract Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful. NVD-CWE-Other
CVE-2020-17514 2024-11-21 14:08 2021-05-27 Show GitHub Exploit DB Packet Storm
209380 6.1 MEDIUM
Network 		typora typora Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula. CWE-79
Cross-site Scripting 		CVE-2020-18221 2024-11-21 14:08 2021-05-27 Show GitHub Exploit DB Packet Storm