Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230491 7.5 危険 phprisk - NetRisk の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0144 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230492 7.5 危険 spacial audio solutions - samPHPweb の common/db.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0143 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230493 9.3 危険 ZyXEL - ZyXEL P-330W ルータの Web 管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-6730 2012-12-20 18:34 2009-09-10 Show GitHub Exploit DB Packet Storm
230494 4.3 警告 ZyXEL - ZyXEL P-330W ルータの Web 管理インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6729 2012-12-20 18:34 2009-09-10 Show GitHub Exploit DB Packet Storm
230495 6.8 警告 webportal - WebPortal CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0142 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230496 7.5 危険 webportal - WebPortal CMS の actions.php における任意のアカウントへのアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0141 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230497 6.4 警告 uebimiau - Uebimiau Webmail の error.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0140 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230498 7.5 危険 snetworks - SNETWORKS PHP CLASSIFIEDS の config.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0137 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230499 5 警告 snitz forums 2000 - Snitz Forums 2000 における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-0136 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230500 5 警告 snitz forums 2000 - Snitz Forums 2000 におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0135 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214041 5.4 MEDIUM
Network 		ipear_project ipear In iPear, the manual execution of the eval() function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing an… CWE-77
Command Injection 		CVE-2020-11084 2024-11-21 13:56 2020-07-15 Show GitHub Exploit DB Packet Storm
214042 4.8 MEDIUM
Network 		octobercms october In October from version 1.0.319 and before version 1.0.466, a user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other… CWE-79
Cross-site Scripting 		CVE-2020-11083 2024-11-21 13:56 2020-07-15 Show GitHub Exploit DB Packet Storm
214043 6.1 MEDIUM
Network 		tenda ac15_firmware An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter. CWE-79
Cross-site Scripting 		CVE-2020-10989 2024-11-21 13:56 2020-07-14 Show GitHub Exploit DB Packet Storm
214044 9.8 CRITICAL
Network 		tenda ac15_firmware A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. CWE-798
 Use of Hard-coded Credentials 		CVE-2020-10988 2024-11-21 13:56 2020-07-14 Show GitHub Exploit DB Packet Storm
214045 9.8 CRITICAL
Network 		tenda ac15_firmware The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. CWE-78
OS Command  		CVE-2020-10987 2024-11-21 13:56 2020-07-14 Show GitHub Exploit DB Packet Storm
214046 6.5 MEDIUM
Network 		tenda ac15_firmware A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacke… CWE-352
 Origin Validation Error 		CVE-2020-10986 2024-11-21 13:56 2020-07-14 Show GitHub Exploit DB Packet Storm
214047 7.4 HIGH
Network 		bareos
debian 		bareos
debian_linux 		In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initi… - CVE-2020-11061 2024-11-21 13:56 2020-07-11 Show GitHub Exploit DB Packet Storm
214048 8.2 HIGH
Local 		linuxfoundation osquery osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll… - CVE-2020-11081 2024-11-21 13:56 2020-07-11 Show GitHub Exploit DB Packet Storm
214049 6.5 MEDIUM
Local 		libslirp_project
redhat
canonical
debian
opensuse 		libslirp
enterprise_linux
openstack
ubuntu_linux
debian_linux
leap 		An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo reques… CWE-125
Out-of-bounds Read 		CVE-2020-10756 2024-11-21 13:56 2020-07-10 Show GitHub Exploit DB Packet Storm
214050 6.5 MEDIUM
Network 		samba
canonical
opensuse
fedoraproject 		samba
ubuntu_linux
leap
fedora 		A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba. CWE-416
 Use After Free 		CVE-2020-10760 2024-11-21 13:56 2020-07-7 Show GitHub Exploit DB Packet Storm