Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229931	4.3	警告	TYPO3 Association	-	TYPO3 の fe_adminlib.inc におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2718	2012-12-20 18:52	2008-06-16	Show	GitHub Exploit DB Packet Storm

229932	9.3	危険	サン・マイクロシステムズ	-	Sun Java System AM における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2705	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

229933	4.3	警告	web-album	-	WEBalbum の photo_add-c.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2698	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

229934	7.5	危険	phpinv	-	phpInv の entry.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2695	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

229935	4.3	警告	phpinv	-	phpInv の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2694	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

229936	7.5	危険	PilotCart	-	ASPilot Pilot Cart の pilot.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2688	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

229937	7.5	危険	promanager	-	ProManager の inc/config.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2687	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

229938	7.5	危険	realm project	-	Realm CMS の _RealmAdmin/login.asp における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2682	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229939	5	警告	realm project	-	Realm CMS における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-2681	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229940	4.3	警告	realm project	-	Realm CMS の _db/compact.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2680	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222281	6.5	MEDIUM Network	inspircd debian	inspircd debian_linux	An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with …	CWE-476 NULL Pointer Dereference	CVE-2019-20917	2024-11-21 13:39	2020-09-11	Show	GitHub Exploit DB Packet Storm

222282	7.5	HIGH Network	pypa opensuse debian oracle	pip leap debian_linux communications_cloud_native_core_policy communications_cloud_native_core_network_function_cloud_native_environment	The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwr…	CWE-22 Path Traversal	CVE-2019-20916	2024-11-21 13:39	2020-09-5	Show	GitHub Exploit DB Packet Storm

222283	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.	CWE-125 Out-of-bounds Read	CVE-2019-20915	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222284	9.8	CRITICAL Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.	CWE-476 NULL Pointer Dereference	CVE-2019-20914	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222285	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.	CWE-125 Out-of-bounds Read	CVE-2019-20913	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222286	8.8	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.	CWE-787 Out-of-bounds Write	CVE-2019-20912	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222287	6.5	MEDIUM Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-20911	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222288	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.	CWE-125 Out-of-bounds Read	CVE-2019-20910	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222289	7.5	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.	CWE-476 NULL Pointer Dereference	CVE-2019-20909	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222290	6.7	MEDIUM Local	linux opensuse canonical	linux_kernel leap ubuntu_linux	An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or s…	NVD-CWE-noinfo	CVE-2019-20908	2024-11-21 13:39	2020-07-16	Show	GitHub Exploit DB Packet Storm