Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230061 10 危険 tguzip - TUGzip におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4779 2012-12-20 18:52 2008-10-29 Show GitHub Exploit DB Packet Storm
230062 4.3 警告 Wojtek Kaniewski - libgadu におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-4776 2012-12-20 18:52 2008-10-24 Show GitHub Exploit DB Packet Storm
230063 2.6 注意 The phpMyAdmin Project - phpMyAdmin の pmd_pdf.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4775 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
230064 4.3 警告 questwork - QuestCMS の main/main.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4774 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
230065 5 警告 questwork - QuestCMS の main/main.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4773 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
230066 7.5 危険 questwork - QuestCMS の main/main.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4772 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
230067 9.3 危険 WordPress.org - WordPress の wp-includes/theme.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4769 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
230068 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4768 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
230069 9 危険 PHPNUKE - PHP-Nuke の DownloadsPlus モジュールにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4767 2012-12-20 18:52 2008-10-28 Show GitHub Exploit DB Packet Storm
230070 4.3 警告 wikidsystems - WiKID wClient-PHP の sample.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4763 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201821 7.5 HIGH
Network 		u-root u-root This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path travers… CWE-22
Path Traversal 		CVE-2020-7666 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201822 7.5 HIGH
Network 		u-root u-root This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction. CWE-22
Path Traversal 		CVE-2020-7665 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201823 9.8 CRITICAL
Network 		gedi_project gedi All versions of package gedi are vulnerable to Prototype Pollution via the set function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7727 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201824 9.8 CRITICAL
Network 		safe-object2_project safe-object2 All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7726 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201825 9.8 CRITICAL
Network 		guidesmiths worksmith All versions of package worksmith are vulnerable to Prototype Pollution via the setValue function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7725 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201826 9.8 CRITICAL
Network 		tiny-conf_project tiny-conf All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7724 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201827 9.8 CRITICAL
Network 		yola promisehelpers All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7723 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201828 9.8 CRITICAL
Network 		nodee-utils_project nodee-utils All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7722 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201829 9.8 CRITICAL
Network 		node-oojs_project node-oojs All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7721 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm
201830 7.3 HIGH
Network 		digitalbazaar forge The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2020-7720 2024-11-21 14:37 2020-09-1 Show GitHub Exploit DB Packet Storm