Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229941	7.5	危険	realm project	-	Realm CMS の _includes/inc_routines.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2679	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229942	7.5	危険	telephone	-	Telephone Directory 2008 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2678	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229943	4.3	警告	telephone	-	Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2677	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229944	4.3	警告	softcomplex	-	PHP Image Gallery の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2675	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229945	7.5	危険	Powie	-	Powie pNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2673	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

229946	7.5	危険	y-blog	-	yBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2669	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

229947	4.3	警告	y-blog	-	yBlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2668	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

229948	7.5	危険	smeweb	-	SMEWeb の catalog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2652	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

229949	4.3	警告	smeweb	-	SMEWeb における任意の Web スクリプトまたは HTML を挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2644	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

229950	7.5	危険	theflashblog	-	FlashBlog の php/leer_comentarios.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2572	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222281	6.5	MEDIUM Network	inspircd debian	inspircd debian_linux	An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with …	CWE-476 NULL Pointer Dereference	CVE-2019-20917	2024-11-21 13:39	2020-09-11	Show	GitHub Exploit DB Packet Storm

222282	7.5	HIGH Network	pypa opensuse debian oracle	pip leap debian_linux communications_cloud_native_core_policy communications_cloud_native_core_network_function_cloud_native_environment	The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwr…	CWE-22 Path Traversal	CVE-2019-20916	2024-11-21 13:39	2020-09-5	Show	GitHub Exploit DB Packet Storm

222283	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.	CWE-125 Out-of-bounds Read	CVE-2019-20915	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222284	9.8	CRITICAL Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.	CWE-476 NULL Pointer Dereference	CVE-2019-20914	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222285	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.	CWE-125 Out-of-bounds Read	CVE-2019-20913	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222286	8.8	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.	CWE-787 Out-of-bounds Write	CVE-2019-20912	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222287	6.5	MEDIUM Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-20911	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222288	8.1	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.	CWE-125 Out-of-bounds Read	CVE-2019-20910	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222289	7.5	HIGH Network	gnu	libredwg	An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.	CWE-476 NULL Pointer Dereference	CVE-2019-20909	2024-11-21 13:39	2020-07-17	Show	GitHub Exploit DB Packet Storm

222290	6.7	MEDIUM Local	linux opensuse canonical	linux_kernel leap ubuntu_linux	An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or s…	NVD-CWE-noinfo	CVE-2019-20908	2024-11-21 13:39	2020-07-16	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed