Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230341 3.6 注意 scribe - Scribe の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0822 2012-12-20 18:34 2008-02-19 Show GitHub Exploit DB Packet Storm
230342 3.6 注意 plutostatus - PlutoStatus Locator の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0819 2012-12-20 18:34 2008-02-19 Show GitHub Exploit DB Packet Storm
230343 6.4 警告 truc - TRUC の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0814 2012-12-20 18:34 2008-02-18 Show GitHub Exploit DB Packet Storm
230344 5 警告 xpweb - XPWeb の Download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0813 2012-12-20 18:34 2008-02-18 Show GitHub Exploit DB Packet Storm
230345 9.3 危険 reality - PHPizabi の image.php における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0805 2012-12-20 18:34 2008-02-18 Show GitHub Exploit DB Packet Storm
230346 6.8 警告 Thecus - Thecus N5200Pro NAS Server の usrgetform.html における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0804 2012-12-20 18:34 2008-02-18 Show GitHub Exploit DB Packet Storm
230347 7.5 危険 VWar - VWar の calendar.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0753 2012-12-20 18:34 2008-02-13 Show GitHub Exploit DB Packet Storm
230348 10 危険 ソニー・コンピュータエンタテインメント - Sony ImageStation 用の SonyISUpload.cab におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0748 2012-12-20 18:34 2008-02-13 Show GitHub Exploit DB Packet Storm
230349 7.5 危険 PreProject.com - PreProjects.com Pre Hotels & Resorts Management System の user_login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0744 2012-12-20 18:34 2008-02-12 Show GitHub Exploit DB Packet Storm
230350 7.5 危険 powerscripts - PowerScripts PowerNews におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0742 2012-12-20 18:34 2008-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209511 6.5 MEDIUM
Network 		fusionpbx fusionpbx A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filer… CWE-22
Path Traversal 		CVE-2020-21055 2024-11-21 14:12 2021-05-21 Show GitHub Exploit DB Packet Storm
209512 6.1 MEDIUM
Network 		fusionpbx fusionpbx Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php. CWE-79
Cross-site Scripting 		CVE-2020-21054 2024-11-21 14:12 2021-05-21 Show GitHub Exploit DB Packet Storm
209513 6.1 MEDIUM
Network 		fusionpbx fusionpbx Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "query_string" variable in app\devices\devi… CWE-79
Cross-site Scripting 		CVE-2020-21053 2024-11-21 14:12 2021-05-21 Show GitHub Exploit DB Packet Storm
209514 9.8 CRITICAL
Network 		pluck-cms pluck In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files. CWE-77
Command Injection 		CVE-2020-20951 2024-11-21 14:12 2021-05-19 Show GitHub Exploit DB Packet Storm
209515 8.8 HIGH
Network 		gnu libredwg GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. NVD-CWE-Other
CVE-2020-21844 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
209516 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. CWE-787
 Out-of-bounds Write 		CVE-2020-21843 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
209517 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051. CWE-787
 Out-of-bounds Write 		CVE-2020-21842 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
209518 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637. CWE-787
 Out-of-bounds Write 		CVE-2020-21831 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
209519 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135. CWE-787
 Out-of-bounds Write 		CVE-2020-21841 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm
209520 8.8 HIGH
Network 		gnu libredwg A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985. CWE-787
 Out-of-bounds Write 		CVE-2020-21840 2024-11-21 14:12 2021-05-18 Show GitHub Exploit DB Packet Storm