Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229541 4.3 警告 screwturn - ScrewTurn Wiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3483 2012-12-20 18:52 2008-08-5 Show GitHub Exploit DB Packet Storm
229542 2.6 注意 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3457 2012-12-20 18:52 2008-07-28 Show GitHub Exploit DB Packet Storm
229543 6.4 警告 The phpMyAdmin Project - phpMyAdmin におけるなりすましされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-3456 2012-12-20 18:52 2008-07-28 Show GitHub Exploit DB Packet Storm
229544 4 警告 phpwebgallery - PhpWebGallery における他のユーザの電子メールアドレスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-3451 2012-12-20 18:52 2008-08-4 Show GitHub Exploit DB Packet Storm
229545 7.5 危険 phpmyrealty - PMR の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3445 2012-12-20 18:52 2008-08-4 Show GitHub Exploit DB Packet Storm
229546 7.5 危険 winzip - WinZip における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3442 2012-12-20 18:52 2008-08-1 Show GitHub Exploit DB Packet Storm
229547 7.5 危険 サン・マイクロシステムズ - Sun Java における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3440 2012-12-20 18:52 2008-08-1 Show GitHub Exploit DB Packet Storm
229548 7.5 危険 speedbit - SpeedBit Video Acceleration における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3439 2012-12-20 18:52 2008-08-1 Show GitHub Exploit DB Packet Storm
229549 7.5 危険 speedbit - SpeedBit DAP における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3433 2012-12-20 18:52 2008-08-1 Show GitHub Exploit DB Packet Storm
229550 5 警告 Vtiger - Vtiger CRM におけるメールマージテンプレートを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2008-3458 2012-12-20 18:52 2006-09-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222101 5.7 MEDIUM
Adjacent 		redhat
debian
fedoraproject 		libvirt
debian_linux
fedora 		qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage). CWE-20
 Improper Input Validation  		CVE-2019-20485 2024-11-21 13:38 2020-03-19 Show GitHub Exploit DB Packet Storm
222102 7.5 HIGH
Network 		frappe frappe In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a … CWE-306
CWE-552
Missing Authentication for Critical Function
 Files or Directories Accessible to External Parties 		CVE-2019-20529 2024-11-21 13:38 2020-03-19 Show GitHub Exploit DB Packet Storm
222103 6.1 MEDIUM
Network 		igniterealtime openfire Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username parameter. CWE-79
Cross-site Scripting 		CVE-2019-20528 2024-11-21 13:38 2020-03-19 Show GitHub Exploit DB Packet Storm
222104 6.1 MEDIUM
Network 		open.edx ironwood Open edX Ironwood.1 allows support/certificates?course_id= reflected XSS. CWE-79
Cross-site Scripting 		CVE-2019-20512 2024-11-21 13:38 2020-03-19 Show GitHub Exploit DB Packet Storm
222105 6.1 MEDIUM
Network 		frappe erpnext ERPNext 11.1.47 allows blog?blog_category= Frame Injection. CWE-79
Cross-site Scripting 		CVE-2019-20511 2024-11-21 13:38 2020-03-19 Show GitHub Exploit DB Packet Storm
222106 9.8 CRITICAL
Network 		cpanel cpanel cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534). NVD-CWE-noinfo
CVE-2019-20498 2024-11-21 13:38 2020-03-18 Show GitHub Exploit DB Packet Storm
222107 5.4 MEDIUM
Network 		cpanel cpanel cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533). CWE-79
Cross-site Scripting 		CVE-2019-20497 2024-11-21 13:38 2020-03-18 Show GitHub Exploit DB Packet Storm
222108 5.5 MEDIUM
Local 		cpanel cpanel cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532). NVD-CWE-noinfo
CVE-2019-20496 2024-11-21 13:38 2020-03-18 Show GitHub Exploit DB Packet Storm
222109 6.5 MEDIUM
Network 		cpanel cpanel cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531). NVD-CWE-noinfo
CVE-2019-20495 2024-11-21 13:38 2020-03-18 Show GitHub Exploit DB Packet Storm
222110 3.3 LOW
Local 		cpanel cpanel In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525). CWE-330
 Use of Insufficiently Random Values 		CVE-2019-20494 2024-11-21 13:38 2020-03-18 Show GitHub Exploit DB Packet Storm