Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230221	7.5	危険	PreProject.com	-	E-SMART CART の productsofcat.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2917	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230222	6.8	警告	PreProject.com	-	Pre ADS Portal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2916	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230223	7.5	危険	PreProject.com	-	Pre Job Board の jobseekers/JobSearch.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2915	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230224	7.5	危険	PreProject.com	-	PHP JOBWEBSITE PRO の jobseekers/JobSearch3.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2914	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230225	6.8	警告	webchamado	-	WebChamado の admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2907	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230226	6.8	警告	webchamado	-	WebChamado の lista_anexos.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2906	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230227	7.5	危険	phpmycart	-	Conkurent PHPMyCart の shop.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2904	2012-12-20 18:52	2008-06-30	Show	GitHub Exploit DB Packet Storm

230228	7.5	危険	phpauction	-	PHPAuction の item.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2900	2012-12-20 18:52	2008-06-27	Show	GitHub Exploit DB Packet Storm

230229	6.8	警告	wise-ftp	-	AceBIT WISE-FTP の FTP クライアントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2889	2012-12-20 18:52	2008-06-27	Show	GitHub Exploit DB Packet Storm

230230	9.3	危険	rss aggregator	-	RSS-aggregator の display.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2884	2012-12-20 18:52	2008-06-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224041	8.4	HIGH Network	cherokee-project	cherokee	An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its ad…	CWE-79 Cross-site Scripting	CVE-2019-20798	2024-11-21 13:39	2020-05-18	Show	GitHub Exploit DB Packet Storm

224042	7.5	HIGH Network	prboom-plus_project	prboom-plus	An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacket…	CWE-787 Out-of-bounds Write	CVE-2019-20797	2024-11-21 13:39	2020-05-18	Show	GitHub Exploit DB Packet Storm

224043	4.4	MEDIUM Local	iproute2_project canonical	iproute2 ubuntu_linux	iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a co…	CWE-416 Use After Free	CVE-2019-20795	2024-11-21 13:39	2020-05-10	Show	GitHub Exploit DB Packet Storm

224044	4.7	MEDIUM Local	linux	linux_kernel	An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction…	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2019-20794	2024-11-21 13:39	2020-05-10	Show	GitHub Exploit DB Packet Storm

224045	5.4	MEDIUM Network	servicenow	it_service_management	ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Req…	CWE-79 Cross-site Scripting	CVE-2019-20768	2024-11-21 13:39	2020-05-6	Show	GitHub Exploit DB Packet Storm

224046	7.8	HIGH Local	lg	bridge	An issue was discovered in LG Bridge before April 2019 on Windows. DLL Hijacking can occur.	CWE-427 Uncontrolled Search Path Element	CVE-2019-20781	2024-11-21 13:39	2020-04-29	Show	GitHub Exploit DB Packet Storm

224047	6.8	MEDIUM Physics	opensc_project	opensc	OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.	CWE-415 Double Free	CVE-2019-20792	2024-11-21 13:39	2020-04-29	Show	GitHub Exploit DB Packet Storm

224048	9.8	CRITICAL Network	google	openthread	OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.	CWE-787 Out-of-bounds Write	CVE-2019-20791	2024-11-21 13:39	2020-04-29	Show	GitHub Exploit DB Packet Storm

224049	9.8	CRITICAL Network	trusteddomain pypolicyd-spf_project fedoraproject	opendmarc pypolicyd-spf fedora	OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM fi…	CWE-290 Authentication Bypass by Spoofing	CVE-2019-20790	2024-11-21 13:39	2020-04-27	Show	GitHub Exploit DB Packet Storm

224050	4.8	MEDIUM Network	croogo	croogo	Croogo before 3.0.7 allows XSS via the title to admin/menus/menus or admin/taxonomy/vocabularies.	CWE-79 Cross-site Scripting	CVE-2019-20789	2024-11-21 13:39	2020-04-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed