Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229701 7.5 危険 PreProject.com - E-SMART CART の productsofcat.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2917 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229702 6.8 警告 PreProject.com - Pre ADS Portal における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2916 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229703 7.5 危険 PreProject.com - Pre Job Board の jobseekers/JobSearch.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2915 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229704 7.5 危険 PreProject.com - PHP JOBWEBSITE PRO の jobseekers/JobSearch3.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2914 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229705 6.8 警告 webchamado - WebChamado の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2907 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229706 6.8 警告 webchamado - WebChamado の lista_anexos.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2906 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229707 7.5 危険 phpmycart - Conkurent PHPMyCart の shop.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2904 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
229708 7.5 危険 phpauction - PHPAuction の item.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2900 2012-12-20 18:52 2008-06-27 Show GitHub Exploit DB Packet Storm
229709 6.8 警告 wise-ftp - AceBIT WISE-FTP の FTP クライアントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2889 2012-12-20 18:52 2008-06-27 Show GitHub Exploit DB Packet Storm
229710 9.3 危険 rss aggregator - RSS-aggregator の display.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2884 2012-12-20 18:52 2008-06-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222241 6.8 MEDIUM
Physics 		okerthai g232v1_firmware OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in or… CWE-78
OS Command  		CVE-2019-20348 2024-11-21 13:38 2020-01-7 Show GitHub Exploit DB Packet Storm
222242 9.8 CRITICAL
Network 		mojohaus exec_maven The MojoHaus Exec Maven plugin 1.1.1 for Maven allows code execution via a crafted XML document because a configuration element (within a plugin element) can specify an arbitrary program in an execut… CWE-94
Code Injection 		CVE-2019-20343 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222243 4.3 MEDIUM
Network 		pisignage pisignage The web application component of piSignage before 2.6.4 allows a remote attacker (authenticated as a low-privilege user) to download arbitrary files from the Raspberry Pi via api/settings/log?file=..… CWE-22
Path Traversal 		CVE-2019-20354 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222244 7.1 HIGH
Local 		nasm netwide_assembler In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. CWE-125
Out-of-bounds Read 		CVE-2019-20352 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222245 8.8 HIGH
Network 		determine contract_lifecycle_management An issue was discovered in report_edit.jsp in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. Any authenticated user may execute Groovy code when generating a report, resulti… CWE-94
Code Injection 		CVE-2019-20155 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222246 6.1 MEDIUM
Network 		determine contract_lifecycle_management An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. A cross-site scripting (XSS) vulnerability in multiple getchart.jsp parameters allows remote attack… CWE-79
Cross-site Scripting 		CVE-2019-20154 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222247 4.9 MEDIUM
Network 		determine contract_lifecycle_management An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) in v5.4. An XML external entity (XXE) vulnerability in the upload definition feature in definition_upload… CWE-611
XXE 		CVE-2019-20153 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222248 4.3 MEDIUM
Network 		typesettercms typesetter The Typesetter CMS 5.1 logout functionality is affected by a CSRF vulnerability. The logout function of the admin panel is not protected by any CSRF tokens. An attacker can logout the user using this… CWE-352
 Origin Validation Error 		CVE-2019-20077 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222249 7.2 HIGH
Network 		advanced_real_estate_script_project advanced_real_estate_script In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection. CWE-89
SQL Injection 		CVE-2019-20337 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm
222250 6.1 MEDIUM
Network 		advanced_real_estate_script_project advanced_real_estate_script In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS. CWE-79
Cross-site Scripting 		CVE-2019-20336 2024-11-21 13:38 2020-01-6 Show GitHub Exploit DB Packet Storm