Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229841 7.5 危険 portalapp - PortalApp の forums.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4613 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229842 4.3 警告 portalapp - PortalApp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4612 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229843 6.5 警告 qualityunit - Post Affiliate Pro の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4602 2012-12-20 18:52 2008-10-17 Show GitHub Exploit DB Packet Storm
229844 7.5 危険 steve dawson - PokerMax Poker League Tournament Script の configure.php における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4600 2012-12-20 18:52 2008-10-17 Show GitHub Exploit DB Packet Storm
229845 10 危険 slaytanic scripts - Slaytanic Scripts Content Plus における脆弱性 CWE-noinfo
情報不足 		CVE-2008-4595 2012-12-20 18:52 2008-10-17 Show GitHub Exploit DB Packet Storm
229846 10 危険 sportspanel - Sports Clubs Web Panel の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4592 2012-12-20 18:52 2008-10-16 Show GitHub Exploit DB Packet Storm
229847 4.3 警告 phpwebgallery - PhpWebGallery の admin/include/isadmin.inc.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4591 2012-12-20 18:52 2008-10-16 Show GitHub Exploit DB Packet Storm
229848 7.5 危険 stash - Stash における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4590 2012-12-20 18:52 2008-10-16 Show GitHub Exploit DB Packet Storm
229849 5 警告 Matthias Wandel - jhead の DoCommand 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4575 2012-12-20 18:52 2008-10-15 Show GitHub Exploit DB Packet Storm
229850 7.5 危険 real-estate-scripts - Real Estate Classifieds の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4570 2012-12-20 18:52 2008-10-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208931 8.8 HIGH
Network 		clash_project clash In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. … CWE-346
 Origin Validation Error 		CVE-2020-24772 2024-11-21 14:16 2022-03-22 Show GitHub Exploit DB Packet Storm
208932 9.8 CRITICAL
Network 		zohocorp manageengine_applications_manager An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter. NVD-CWE-noinfo
CVE-2020-24743 2024-11-21 14:16 2021-11-4 Show GitHub Exploit DB Packet Storm
208933 9.8 CRITICAL
Network 		sourcecodester complaint_management_system An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php. CWE-89
SQL Injection 		CVE-2020-24932 2024-11-21 14:16 2021-10-27 Show GitHub Exploit DB Packet Storm
208934 8.1 HIGH
Network 		wuzhicms wuzhicms Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open source content management system. The five fingers CMS backend in***.php file has arbitrary file deletion vulnerability. Attacke… NVD-CWE-noinfo
CVE-2020-24930 2024-11-21 14:16 2021-09-28 Show GitHub Exploit DB Packet Storm
208935 7.8 HIGH
Local 		qt qt An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. NVD-CWE-noinfo
CVE-2020-24742 2024-11-21 14:16 2021-08-10 Show GitHub Exploit DB Packet Storm
208936 5.5 MEDIUM
Local 		libelfin_project libelfin A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. NVD-CWE-noinfo
CVE-2020-24827 2024-11-21 14:16 2021-08-5 Show GitHub Exploit DB Packet Storm
208937 5.5 MEDIUM
Local 		libelfin_project libelfin A vulnerability in the elf::section::as_strtab function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. CWE-74
Injection 		CVE-2020-24826 2024-11-21 14:16 2021-08-5 Show GitHub Exploit DB Packet Storm
208938 5.5 MEDIUM
Local 		libelfin_project libelfin A vulnerability in the line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. CWE-74
Injection 		CVE-2020-24825 2024-11-21 14:16 2021-08-5 Show GitHub Exploit DB Packet Storm
208939 5.5 MEDIUM
Local 		libelfin_project libelfin A global buffer overflow issue in the dwarf::line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS). CWE-120
Classic Buffer Overflow 		CVE-2020-24824 2024-11-21 14:16 2021-08-5 Show GitHub Exploit DB Packet Storm
208940 5.5 MEDIUM
Local 		libelfin_project libelfin A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. CWE-74
Injection 		CVE-2020-24823 2024-11-21 14:16 2021-08-5 Show GitHub Exploit DB Packet Storm