Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229771 4.3 警告 questwork - QuestCMS の main/main.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4774 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
229772 5 警告 questwork - QuestCMS の main/main.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4773 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
229773 7.5 危険 questwork - QuestCMS の main/main.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4772 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
229774 9.3 危険 WordPress.org - WordPress の wp-includes/theme.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4769 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229775 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4768 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
229776 9 危険 PHPNUKE - PHP-Nuke の DownloadsPlus モジュールにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4767 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
229777 4.3 警告 wikidsystems - WiKID wClient-PHP の sample.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4763 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
229778 5 警告 php-daily - PHP-Daily の download_file.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4758 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
229779 7.5 危険 php-daily - PHP-Daily における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4757 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
229780 4.3 警告 php-daily - PHP-Daily の add_prest_date.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4756 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208821 7.3 HIGH
Network 		sqreen php_microagent Lack of cryptographic signature verification in the Sqreen PHP agent daemon before 1.16.0 makes it easier for remote attackers to inject rules for execution inside the virtual machine. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-25490 2024-11-21 14:18 2020-09-18 Show GitHub Exploit DB Packet Storm
208822 9.8 CRITICAL
Network 		xmlquery_project xmlquery xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have u… CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error') 
 Improper Input Validation  		CVE-2020-25614 2024-11-21 14:18 2020-09-17 Show GitHub Exploit DB Packet Storm
208823 7.8 HIGH
Local 		gnuplot_project gnuplot gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution. CWE-415
 Double Free 		CVE-2020-25559 2024-11-21 14:18 2020-09-16 Show GitHub Exploit DB Packet Storm
208824 9.8 CRITICAL
Network 		rand_project rand An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints. CWE-704
 Incorrect Type Conversion or Cast 		CVE-2020-25576 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208825 9.8 CRITICAL
Network 		failure_project failure An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerab… CWE-843
Type Confusion 		CVE-2020-25575 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208826 7.5 HIGH
Network 		hyper http An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop). CWE-190
CWE-835
 Integer Overflow or Wraparound
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-25574 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208827 9.8 CRITICAL
Network 		linked-hash-map_project linked-hash-map An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint. CWE-824
 Access of Uninitialized Pointer 		CVE-2020-25573 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208828 7.5 HIGH
Network 		thinkadmin thinkadmin ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter. CWE-22
Path Traversal 		CVE-2020-25540 2024-11-21 14:18 2020-09-14 Show GitHub Exploit DB Packet Storm
208829 7.5 HIGH
Network 		webank federated_ai_technology_enabler An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2020-25459 2024-11-21 14:17 2022-06-17 Show GitHub Exploit DB Packet Storm
208830 6.5 MEDIUM
Network 		osisoft pi_vision OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute. - CVE-2020-25167 2024-11-21 14:17 2022-04-19 Show GitHub Exploit DB Packet Storm