Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230641	7.5	危険	zomp	-	Zomplog における管理アクセス権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2349	2012-12-20 18:52	2008-05-20	Show	GitHub Exploit DB Packet Storm

230642	10	危険	TYPO3 Association	-	TYPO3 用の air_filemanager エクステンションにおける任意の PHP コードされる脆弱性	CWE-94 コード・インジェクション	CVE-2008-2345	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230643	4.3	警告	TYPO3 Association	-	TYPO3 用の air_filemanager エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2344	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230644	7.5	危険	turnkey web tools	-	Turnkey Web Tools SunShop Shopping Cart の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2339	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230645	4.3	警告	Vastal I-Tech & Co.	-	Vastal I-Tech phpVID の search_results.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2335	2012-12-20 18:52	2008-05-19	Show	GitHub Exploit DB Packet Storm

230646	7.5	危険	phpway	-	Kostenloses Linkmanagementscript における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2301	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230647	7.5	危険	加藤和良	-	Web Slider の Admin.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2298	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230648	7.5	危険	roticv	-	Rantx の admin.php における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2297	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230649	7.5	危険	rgboard	-	Rgboard の include/bbs.lib.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2296	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

230650	4.3	警告	rgboard	-	Rgboard の rg_search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2295	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201051	6.5	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php.	CWE-22 Path Traversal	CVE-2020-9032	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201052	6.5	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php.	CWE-22 Path Traversal	CVE-2020-9031	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201053	6.5	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php.	CWE-22 Path Traversal	CVE-2020-9030	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201054	6.5	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.	CWE-22 Path Traversal	CVE-2020-9029	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201055	6.1	MEDIUM Network	microchip	syncserver_s100_firmware syncserver_s200_firmware syncserver_s250_firmware syncserver_s300_firmware syncserver_s350_firmware	Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenan…	CWE-79 Cross-site Scripting	CVE-2020-9028	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201056	9.8	CRITICAL Network	eltex-co	ntp-2_firmware ntp-rg-1402g_firmware	ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected.	CWE-78 OS Command	CVE-2020-9027	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201057	9.8	CRITICAL Network	eltex-co	ntp-2_firmware ntp-rg-1402g_firmware	ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. The NTP-2 device is also affected.	CWE-78 OS Command	CVE-2020-9026	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201058	6.1	MEDIUM Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script.	CWE-79 Cross-site Scripting	CVE-2020-9025	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201059	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time)…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-9024	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm

201060	9.8	CRITICAL Network	iteris	vantage_velocity_firmware	Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured with weak passwords (User bluetooth, password bluetooth; User eclipse, password ec…	CWE-521 Weak Password Requirements	CVE-2020-9023	2024-11-21 14:39	2020-02-17	Show	GitHub Exploit DB Packet Storm