Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 4:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229831	6.8	警告	source workshop	-	Web Directory Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4091	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229832	7.5	危険	source workshop	-	Reciprocal Links Manager の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4086	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229833	4.4	警告	stephenjungels	-	Plait の plaiter における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4085	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229834	7.5	危険	stash	-	Stash の admin/login.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-4081	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229835	6.8	警告	stash	-	Stash における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4080	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229836	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4074	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229837	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4073	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229838	7.5	危険	phsdev	-	phsBlog の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4072	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229839	7.5	危険	texmedia	-	Million Pixel Script の tops_top.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4055	2012-12-20 18:52	2008-09-11	Show	GitHub Exploit DB Packet Storm

229840	4.6	警告	トレンドマイクロ	-	Trend Micro NSC モジュールの Trend Micro Personal Firewall サービスにおけるアクセス制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-3866	2012-12-20 18:52	2009-01-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214581	9.8	CRITICAL Network	advantech	webaccess	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application…	CWE-22 Path Traversal	CVE-2020-12006	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

214582	9.8	CRITICAL Network	advantech	webaccess	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data,…	CWE-787 Out-of-bounds Write	CVE-2020-12002	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

214583	7.5	HIGH Network	zohocorp	manageengine_opmanager	Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.	CWE-22 Path Traversal	CVE-2020-12116	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

214584	7.8	HIGH Local	solarwinds	managed_service_provider_patch_management_engine	An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds …	CWE-276 Incorrect Default Permissions	CVE-2020-12608	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

214585	5.3	MEDIUM Network	gitlab	gitlab	GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet.	CWE-22 Path Traversal	CVE-2020-12448	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

214586	6.5	MEDIUM Network	gnu debian fedoraproject opensuse canonical	mailman debian_linux fedora leap backports_sle ubuntu_linux	/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.	CWE-74 Injection	CVE-2020-12108	2024-11-21 13:59	2020-05-7	Show	GitHub Exploit DB Packet Storm

214587	7.8	HIGH Local	avira	software_updater	An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary fil…	NVD-CWE-noinfo	CVE-2020-12463	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

214588	5.3	MEDIUM Network	grin	grin	Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.	CWE-404 Improper Resource Shutdown or Release	CVE-2020-12439	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

214589	4.9	MEDIUM Network	silver-peak	unity_edgeconnect_for_google_cloud_platform unity_edgeconnect_for_azure unity_edgeconnect_for_amazon_web_services unity_orchestrator vx-500_firmware vx-1000_firmware vx-2000_firmwar…	The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untruste…	CWE-295 Improper Certificate Validation	CVE-2020-12144	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

214590	4.9	MEDIUM Network	silver-peak	unity_edgeconnect_for_google_cloud_platform unity_edgeconnect_for_azure unity_edgeconnect_for_amazon_web_services unity_orchestrator vx-500_firmware vx-1000_firmware vx-2000_firmwar…	The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.	CWE-295 Improper Certificate Validation	CVE-2020-12143	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm