Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230281	4.3	警告	realm project	-	Realm CMS の _db/compact.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2680	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230282	7.5	危険	realm project	-	Realm CMS の _includes/inc_routines.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2679	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230283	7.5	危険	telephone	-	Telephone Directory 2008 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2678	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230284	4.3	警告	telephone	-	Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2677	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230285	4.3	警告	softcomplex	-	PHP Image Gallery の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2675	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230286	7.5	危険	Powie	-	Powie pNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2673	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230287	7.5	危険	y-blog	-	yBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2669	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

230288	4.3	警告	y-blog	-	yBlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2668	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

230289	7.5	危険	smeweb	-	SMEWeb の catalog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2652	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

230290	4.3	警告	smeweb	-	SMEWeb における任意の Web スクリプトまたは HTML を挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2644	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214471	7.8	HIGH Local	zephyrproject	zephyr	Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/…	CWE-190 Integer Overflow or Wraparound	CVE-2020-13603	2024-11-21 14:01	2021-05-26	Show	GitHub Exploit DB Packet Storm

214472	5.5	MEDIUM Local	zephyrproject	zephyr	Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). Fo…	CWE-20 CWE-835 Improper Input Validation Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-13602	2024-11-21 14:01	2021-05-26	Show	GitHub Exploit DB Packet Storm

214473	9.8	CRITICAL Network	zephyrproject	zephyr	Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advi…	CWE-125 Out-of-bounds Read	CVE-2020-13601	2024-11-21 14:01	2021-05-26	Show	GitHub Exploit DB Packet Storm

214474	7.6	HIGH Physics	zephyrproject	zephyr	Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrpr…	CWE-787 Out-of-bounds Write	CVE-2020-13600	2024-11-21 14:01	2021-05-26	Show	GitHub Exploit DB Packet Storm

214475	3.3	LOW Local	zephyrproject	zephyr	Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephy…	CWE-276 Incorrect Default Permissions	CVE-2020-13599	2024-11-21 14:01	2021-05-26	Show	GitHub Exploit DB Packet Storm

214476	7.8	HIGH Local	zephyrproject	zephyr	FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https:/…	CWE-787 Out-of-bounds Write	CVE-2020-13598	2024-11-21 14:01	2021-05-26	Show	GitHub Exploit DB Packet Storm

214477	5.3	MEDIUM Network	drupal	drupal	Access bypass vulnerability in of Drupal Core Workspaces allows an attacker to access data without correct permissions. The Workspaces module doesn't sufficiently check access permissions when switch…	CWE-276 Incorrect Default Permissions	CVE-2020-13667	2024-11-21 14:01	2021-05-18	Show	GitHub Exploit DB Packet Storm

214478	6.1	MEDIUM Adjacent	systemd_project fedoraproject netapp	systemd fedora cloud_backup active_iq_unified_manager	An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing att…	CWE-290 Authentication Bypass by Spoofing	CVE-2020-13529	2024-11-21 14:01	2021-05-11	Show	GitHub Exploit DB Packet Storm

214479	9.8	CRITICAL Network	drupal	drupal	Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the read_only set to FALSE under jsonapi.settings config are vulnerable. This issu…	NVD-CWE-noinfo	CVE-2020-13665	2024-11-21 14:01	2021-05-6	Show	GitHub Exploit DB Packet Storm

214480	6.1	MEDIUM Network	drupal	drupal	Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal…	CWE-601 Open Redirect	CVE-2020-13662	2024-11-21 14:01	2021-05-6	Show	GitHub Exploit DB Packet Storm