Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230301 7.5 危険 PHPNUKE - PHP-Nuke 用の Kose_Yazilari モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1053 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230302 6.8 警告 phpprofiles - phpProfiles の include/body_comm.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1051 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230303 7.5 危険 softbiz - Softbiz Jokes & Funny Pics Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1050 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230304 10 危険 positive software - Parallels H-Sphere で使用される Parallels SiteStudio における脆弱性 CWE-noinfo
情報不足 		CVE-2008-1049 2012-12-20 18:34 2008-02-26 Show GitHub Exploit DB Packet Storm
230305 4.3 警告 Plume CMS - Plume CMS の manager/xmedia.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1048 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230306 4.3 警告 Tiki Software Community Association - TikiWiki の tiki-edit_article.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1047 2012-12-20 18:34 2008-02-23 Show GitHub Exploit DB Packet Storm
230307 6.8 警告 quinsonnas - Quinsonnas Mail Checker の footer.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1046 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230308 7.5 危険 porar - PORAR WEBBOARD の question.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1039 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230309 5.8 警告 spyce - Spyce - PSP における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0982 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
230310 6.4 警告 spyce - Spyce - PSP の spyce/examples/redirect.spy におけるオープンリダイレクトの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0981 2012-12-20 18:34 2008-02-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223481 6.1 MEDIUM
Network 		openidc
debian
fedoraproject
opensuse 		mod_auth_openidc
debian_linux
fedora
leap 		A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning. CWE-601
Open Redirect 		CVE-2019-20479 2024-11-21 13:38 2020-02-20 Show GitHub Exploit DB Packet Storm
223482 9.8 CRITICAL
Network 		ruamel.yaml_project ruamel.yaml In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaw… NVD-CWE-noinfo
CVE-2019-20478 2024-11-21 13:38 2020-02-19 Show GitHub Exploit DB Packet Storm
223483 9.8 CRITICAL
Network 		pyyaml
fedoraproject 		pyyaml
fedora 		PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue e… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-20477 2024-11-21 13:38 2020-02-19 Show GitHub Exploit DB Packet Storm
223484 4.3 MEDIUM
Network 		zohocorp manageengine_remote_access_plus An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role (re… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2019-20474 2024-11-21 13:38 2020-02-18 Show GitHub Exploit DB Packet Storm
223485 7.8 HIGH
Local 		goverlan client_agent
reach_console
reach_server 		Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent before 9.20.50 have an Untrusted Search Path that leads to Command Injection and Local Privilege Escal… CWE-426
 Untrusted Search Path 		CVE-2019-20456 2024-11-21 13:38 2020-02-17 Show GitHub Exploit DB Packet Storm
223486 5.9 MEDIUM
Network 		globalpayments php_sdk Gateways/Gateway.php in Heartland & Global Payments PHP SDK before 2.0.0 does not enforce SSL certificate validations. CWE-295
Improper Certificate Validation  		CVE-2019-20455 2024-11-21 13:38 2020-02-15 Show GitHub Exploit DB Packet Storm
223487 7.5 HIGH
Network 		pcre
fedoraproject
splunk 		pcre2
fedora
universal_forwarder 		An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrust… CWE-125
Out-of-bounds Read 		CVE-2019-20454 2024-11-21 13:38 2020-02-14 Show GitHub Exploit DB Packet Storm
223488 4.7 MEDIUM
Network 		atlassian jira
jira_server
jira_data_center 		The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12,… CWE-352
 Origin Validation Error 		CVE-2019-20100 2024-11-21 13:38 2020-02-12 Show GitHub Exploit DB Packet Storm
223489 4.3 MEDIUM
Network 		atlassian jira_server
jira_data_center 		The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tr… CWE-352
 Origin Validation Error 		CVE-2019-20099 2024-11-21 13:38 2020-02-12 Show GitHub Exploit DB Packet Storm
223490 4.3 MEDIUM
Network 		atlassian jira_server
jira_data_center 		The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by t… CWE-352
 Origin Validation Error 		CVE-2019-20098 2024-11-21 13:38 2020-02-12 Show GitHub Exploit DB Packet Storm