Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229581	7.5	危険	webcms	-	webCMS Portal Edition の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4185	2012-12-20 18:52	2008-09-23	Show	GitHub Exploit DB Packet Storm

229582	4.3	警告	webcms	-	webCMS Portal Edition の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4184	2012-12-20 18:52	2008-09-23	Show	GitHub Exploit DB Packet Storm

229583	7.5	危険	PreProject.com	-	Pre Real Estate Listings の search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4177	2012-12-20 18:52	2008-09-23	Show	GitHub Exploit DB Packet Storm

229584	7.5	危険	proarcadescript	-	ProArcadeScript における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4173	2012-12-20 18:52	2008-09-22	Show	GitHub Exploit DB Packet Storm

229585	7.5	危険	rfaah	-	Cars & Vehicle の page.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4172	2012-12-20 18:52	2008-09-22	Show	GitHub Exploit DB Packet Storm

229586	4.3	警告	pro2col	-	Pro2col Stingray FTS の verify_login.jsp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4168	2012-12-20 18:52	2008-09-22	Show	GitHub Exploit DB Packet Storm

229587	7.5	危険	zanfi solutions	-	Zanfi CMS lite および Jaw Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4159	2012-12-20 18:52	2008-09-22	Show	GitHub Exploit DB Packet Storm

229588	6.8	警告	zanfi solutions	-	Zanfi CMS lite の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4158	2012-12-20 18:52	2008-09-22	Show	GitHub Exploit DB Packet Storm

229589	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech phpVID の groups.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4157	2012-12-20 18:52	2008-09-22	Show	GitHub Exploit DB Packet Storm

229590	7.5	危険	razorecommerce	-	RazorCommerce Shopping Cart の category_search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4143	2012-12-20 18:52	2008-09-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214861	9.1	CRITICAL Network	it-novum	openitcockpit	openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than generating a random API Key for WebSocket connections.	CWE-798 Use of Hard-coded Credentials	CVE-2020-10788	2024-11-21 13:56	2020-03-26	Show	GitHub Exploit DB Packet Storm

214862	6.5	MEDIUM Network	it-novum	openitcockpit	app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connect…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-10791	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214863	5.4	MEDIUM Network	it-novum	openitcockpit	openITCOCKPIT before 3.7.3 has unnecessary files (such as Lodash files) under the web root, which leads to XSS.	CWE-79 Cross-site Scripting	CVE-2020-10790	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214864	9.8	CRITICAL Network	it-novum	openitcockpit	openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInt…	CWE-78 OS Command	CVE-2020-10789	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214865	5.3	MEDIUM Local	linux opensuse debian canonical	linux_kernel leap debian_linux ubuntu_linux	In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.	CWE-787 Out-of-bounds Write	CVE-2020-10942	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214866	5.9	MEDIUM Network	arm fedoraproject debian	mbed_crypto mbed_tls fedora debian_linux	Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.	NVD-CWE-noinfo	CVE-2020-10941	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214867	4.6	MEDIUM Physics	google	android	An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via AppTray. The Samsung ID is SVE-2019-16192 (January 2020).	NVD-CWE-noinfo	CVE-2020-10855	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214868	7.5	HIGH Network	google	android	An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 (January 2020).	NVD-CWE-noinfo	CVE-2020-10854	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214869	5.3	MEDIUM Network	google	android	An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery leaks cached data. The Samsung IDs are SVE-2019-16010, SVE-2019-16011, SVE-2019-16012 (January 2020).	NVD-CWE-noinfo	CVE-2020-10853	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm

214870	7.8	HIGH Local	google	android	An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 (January 2020).	CWE-787 Out-of-bounds Write	CVE-2020-10852	2024-11-21 13:56	2020-03-25	Show	GitHub Exploit DB Packet Storm