Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230281	7.5	危険	smartisoft	-	phpBazar の classified.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3767	2012-12-20 18:52	2008-08-22	Show	GitHub Exploit DB Packet Storm

230282	5	警告	realtime internet band rehearsal	-	Realtime Internet llcon におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-3766	2012-12-20 18:52	2008-08-22	Show	GitHub Exploit DB Packet Storm

230283	7.5	危険	turnkey web tools	-	Turnkey PHP Live Helper の globalsoff.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-3764	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230284	6.8	警告	turnkey web tools	-	Turnkey PHP Live Helper の libsecure.php における db config ファイルに関連する任意の変数を上書きされる脆弱性	CWE-20 不適切な入力確認	CVE-2008-3763	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230285	7.5	危険	turnkey web tools	-	Turnkey PHP Live Helper の onlinestatus_html.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3762	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230286	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Forced Matrix Script の tr1.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3757	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230287	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Viral Marketing Script の tr.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3756	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230288	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Classifieds Script の view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3755	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230289	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Stylish Text Ads Script の trl.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3754	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

230290	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Programs Rating Script の details.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3753	2012-12-20 18:52	2008-08-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209091	4.3	MEDIUM Network	gitlab	gitlab	A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2). Using a specific query name for a project se…	CWE-404 Improper Resource Shutdown or Release	CVE-2020-26411	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209092	5.3	MEDIUM Network	gitlab	gitlab	Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions >=13.6 to <13.6.2, >=13.5 to <13.5.5, and >=13.1 to <13.4.7.	CWE-200 Information Exposure	CVE-2020-26417	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209093	4.4	MEDIUM Local	gitlab	gitlab	Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to <13.4.7, >=13.5 to <13.5.5, and >…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2020-26416	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209094	4.3	MEDIUM Network	gitlab	gitlab	Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=1…	CWE-200 CWE-862 Information Exposure Missing Authorization	CVE-2020-26415	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209095	5.3	MEDIUM Network	gitlab	gitlab	An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.	CWE-200 Information Exposure	CVE-2020-26413	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209096	4.3	MEDIUM Network	gitlab	gitlab	Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.	NVD-CWE-noinfo	CVE-2020-26412	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209097	5.3	MEDIUM Network	gitlab	gitlab	A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in user's p…	CWE-862 Missing Authorization	CVE-2020-26408	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209098	6.5	MEDIUM Network	gitlab	gitlab	A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.	CWE-20 CWE-400 Improper Input Validation Uncontrolled Resource Consumption	CVE-2020-26409	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209099	3.3	LOW Local	google	tensorflow	In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a q…	CWE-20 Improper Input Validation	CVE-2020-26270	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm

209100	7.5	HIGH Network	google	tensorflow	In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the direc…	CWE-125 Out-of-bounds Read	CVE-2020-26269	2024-11-21 14:19	2020-12-11	Show	GitHub Exploit DB Packet Storm