Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230351	7.5	危険	zomp	-	Zomplog における管理アクセス権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2349	2012-12-20 18:52	2008-05-20	Show	GitHub Exploit DB Packet Storm

230352	10	危険	TYPO3 Association	-	TYPO3 用の air_filemanager エクステンションにおける任意の PHP コードされる脆弱性	CWE-94 コード・インジェクション	CVE-2008-2345	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230353	4.3	警告	TYPO3 Association	-	TYPO3 用の air_filemanager エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2344	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230354	7.5	危険	turnkey web tools	-	Turnkey Web Tools SunShop Shopping Cart の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2339	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230355	4.3	警告	Vastal I-Tech & Co.	-	Vastal I-Tech phpVID の search_results.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2335	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230356	7.5	危険	phpway	-	Kostenloses Linkmanagementscript における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2301	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230357	7.5	危険	加藤和良	-	Web Slider の Admin.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2298	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230358	7.5	危険	roticv	-	Rantx の admin.php における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2297	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230359	7.5	危険	rgboard	-	Rgboard の include/bbs.lib.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2296	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230360	4.3	警告	rgboard	-	Rgboard の rg_search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2295	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209361	7.1	HIGH Local	advancemame	advancemame	Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.	CWE-125 Out-of-bounds Read	CVE-2020-23909	2024-11-21 14:14	2023-07-18	Show	GitHub Exploit DB Packet Storm

209362	9.8	CRITICAL Network	victor_cms_project	victor_cms	SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request.	CWE-89 SQL Injection	CVE-2020-23966	2024-11-21 14:14	2023-05-8	Show	GitHub Exploit DB Packet Storm

209363	7.8	HIGH Local	mremoteng	mremoteng	An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\…	CWE-269 Improper Privilege Management	CVE-2020-24307	2024-11-21 14:14	2023-02-2	Show	GitHub Exploit DB Packet Storm

209364	6.1	MEDIUM Network	github_readme_stats_project	github_readme_stats	Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError.	CWE-79 Cross-site Scripting	CVE-2020-23986	2024-11-21 14:14	2022-01-6	Show	GitHub Exploit DB Packet Storm

209365	5.5	MEDIUM Local	ffmpeg	ffmpeg	FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.	CWE-345 Insufficient Verification of Data Authenticity	CVE-2020-23906	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

209366	5.5	MEDIUM Local	xiph	speex	A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo progr…	CWE-787 Out-of-bounds Write	CVE-2020-23904	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

209367	5.5	MEDIUM Local	xiph fedoraproject	speex fedora	A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.	CWE-369 Divide By Zero	CVE-2020-23903	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

209368	5.5	MEDIUM Local	wildbit-soft	wildbit_viewer	A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Ed…	CWE-120 Classic Buffer Overflow	CVE-2020-23902	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

209369	5.5	MEDIUM Local	wildbit-soft	wildbit_viewer	A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.	CWE-787 Out-of-bounds Write	CVE-2020-23901	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

209370	5.5	MEDIUM Local	wildbit-soft	wildbit_viewer	A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMetho…	CWE-120 Classic Buffer Overflow	CVE-2020-23900	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed