Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229531 7.5 危険 scripts-for-sites - SFS EZ Adult Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6784 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229532 7.5 危険 scripts-for-sites - SFS EZ Home Business Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6783 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229533 7.5 危険 scripts-for-sites - SFS EZ Hosting Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6782 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229534 7.5 危険 scripts-for-sites - SFS Gaming Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6781 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229535 7.5 危険 scripts-for-sites - SFS SFS EZ Affiliate の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6780 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229536 7.5 危険 PHPNUKE - PHP-Nuke 用の Sarkilar モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6779 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229537 7.5 危険 scripts-for-sites - SFS EZ Auction の viewfaqs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6778 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229538 7.5 危険 scripts-for-sites - SFS EZ Hot or Not の viewcomments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6776 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229539 6.8 警告 shopsystem-forum - K&S Shopsoftware の admin/editor/images.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2008-6768 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
229540 10 危険 WordPress.org - WordPress の wp-admin/upgrade.php におけるアプリケーションをアップグレードされる脆弱性 CWE-noinfo
情報不足 		CVE-2008-6767 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208421 5.5 MEDIUM
Local 		upx_project upx A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of servi… NVD-CWE-noinfo
CVE-2020-27787 2024-11-21 14:21 2022-08-19 Show GitHub Exploit DB Packet Storm
208422 5.4 MEDIUM
Network 		galaxkey galaxkey Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a … CWE-79
Cross-site Scripting 		CVE-2020-27509 2024-11-21 14:21 2022-06-26 Show GitHub Exploit DB Packet Storm
208423 8.8 HIGH
Adjacent 		drtrustusa icheck_connect_bp_monitor_bp_testing_118_firmware Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication. CWE-306
Missing Authentication for Critical Function 		CVE-2020-27376 2024-11-21 14:21 2022-04-7 Show GitHub Exploit DB Packet Storm
208424 6.5 MEDIUM
Adjacent 		drtrustusa icheck_connect_bp_monitor_bp_testing_118_firmware Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-27375 2024-11-21 14:21 2022-04-7 Show GitHub Exploit DB Packet Storm
208425 7.5 HIGH
Adjacent 		drtrustusa icheck_connect_bp_monitor_bp_testing_118_firmware Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring. CWE-294
Authentication Bypass by Capture-replay  		CVE-2020-27374 2024-11-21 14:21 2022-04-7 Show GitHub Exploit DB Packet Storm
208426 8.8 HIGH
Adjacent 		drtrustusa icheck_connect_bp_monitor_bp_testing_118_firmware Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE. CWE-78
OS Command  		CVE-2020-27373 2024-11-21 14:21 2022-04-7 Show GitHub Exploit DB Packet Storm
208427 7.5 HIGH
Network 		processwire processwire A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php. CWE-22
Path Traversal 		CVE-2020-27467 2024-11-21 14:21 2022-02-25 Show GitHub Exploit DB Packet Storm
208428 6.1 MEDIUM
Network 		mit scratch-svg-renderer A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file. CWE-79
Cross-site Scripting 		CVE-2020-27428 2024-11-21 14:21 2022-01-6 Show GitHub Exploit DB Packet Storm
208429 9.8 CRITICAL
Network 		mahadiscom mahavitaran Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account. CWE-613
 Insufficient Session Expiration 		CVE-2020-27416 2024-11-21 14:21 2021-12-9 Show GitHub Exploit DB Packet Storm
208430 5.4 MEDIUM
Network 		debug_meta_data_project debug_meta_data The debug-meta-data plugin 1.1.2 for WordPress allows XSS. CWE-79
Cross-site Scripting 		CVE-2020-27356 2024-11-21 14:21 2021-12-8 Show GitHub Exploit DB Packet Storm