Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229811 7.5 危険 phpcounter - PHPcounter の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4675 2012-12-20 18:52 2008-10-22 Show GitHub Exploit DB Packet Storm
229812 10 危険 webbiscuits - WebBiscuits Software Events Calendar の panel/common/theme/default/header_setup.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4673 2012-12-20 18:52 2008-10-22 Show GitHub Exploit DB Packet Storm
229813 4.3 警告 WordPress.org - WPMU の wp-admin/wp-blogs.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4671 2012-12-20 18:52 2008-10-22 Show GitHub Exploit DB Packet Storm
229814 9.3 危険 qvod - QVOD Player の QvodInsert.QvodCtrl.1 ActiveX コンポーネントにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4664 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229815 4.3 警告 TYPO3 Association - TYPO3 用の Page Improvements エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4661 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229816 7.5 危険 TYPO3 Association - TYPO3 用の M1 Intern エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4660 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229817 7.5 危険 TYPO3 Association - TYPO3 用の Mannschaftsliste エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4659 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229818 7.5 危険 TYPO3 Association - TYPO3 用の JobControl エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4658 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229819 7.5 危険 TYPO3 Association - TYPO3 用の Econda エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4657 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229820 7.5 危険 TYPO3 Association - TYPO3 用の Frontend Users View エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4656 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208821 7.3 HIGH
Network 		sqreen php_microagent Lack of cryptographic signature verification in the Sqreen PHP agent daemon before 1.16.0 makes it easier for remote attackers to inject rules for execution inside the virtual machine. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-25490 2024-11-21 14:18 2020-09-18 Show GitHub Exploit DB Packet Storm
208822 9.8 CRITICAL
Network 		xmlquery_project xmlquery xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have u… CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error') 
 Improper Input Validation  		CVE-2020-25614 2024-11-21 14:18 2020-09-17 Show GitHub Exploit DB Packet Storm
208823 7.8 HIGH
Local 		gnuplot_project gnuplot gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution. CWE-415
 Double Free 		CVE-2020-25559 2024-11-21 14:18 2020-09-16 Show GitHub Exploit DB Packet Storm
208824 9.8 CRITICAL
Network 		rand_project rand An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints. CWE-704
 Incorrect Type Conversion or Cast 		CVE-2020-25576 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208825 9.8 CRITICAL
Network 		failure_project failure An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerab… CWE-843
Type Confusion 		CVE-2020-25575 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208826 7.5 HIGH
Network 		hyper http An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop). CWE-190
CWE-835
 Integer Overflow or Wraparound
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-25574 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208827 9.8 CRITICAL
Network 		linked-hash-map_project linked-hash-map An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint. CWE-824
 Access of Uninitialized Pointer 		CVE-2020-25573 2024-11-21 14:18 2020-09-15 Show GitHub Exploit DB Packet Storm
208828 7.5 HIGH
Network 		thinkadmin thinkadmin ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter. CWE-22
Path Traversal 		CVE-2020-25540 2024-11-21 14:18 2020-09-14 Show GitHub Exploit DB Packet Storm
208829 7.5 HIGH
Network 		webank federated_ai_technology_enabler An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2020-25459 2024-11-21 14:17 2022-06-17 Show GitHub Exploit DB Packet Storm
208830 6.5 MEDIUM
Network 		osisoft pi_vision OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute. - CVE-2020-25167 2024-11-21 14:17 2022-04-19 Show GitHub Exploit DB Packet Storm