Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230751	7.5	危険	y-blog	-	yBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2669	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

230752	4.3	警告	y-blog	-	yBlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2668	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

230753	7.5	危険	smeweb	-	SMEWeb の catalog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2652	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

230754	4.3	警告	smeweb	-	SMEWeb における任意の Web スクリプトまたは HTML を挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2644	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

230755	7.5	危険	theflashblog	-	FlashBlog の php/leer_comentarios.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2572	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

230756	4.3	警告	samtodo	-	SamTodo の dsp_main.php などにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2563	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

230757	6.5	警告	powerphlogger	-	PowerPhlogger の edCss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2562	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

230758	4.3	警告	slashcode.com	-	Slash におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2553	2012-12-20 18:52	2008-06-5	Show	GitHub Exploit DB Packet Storm

230759	9.3	危険	Skype Technologies S.A.	-	Skype における警告ダイアログを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2008-2545	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

230760	7.2	危険	サン・マイクロシステムズ	-	Sun Solaris 上の Sun Cluster における任意の削除されたファイルデータが読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2539	2012-12-20 18:52	2008-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209431	5.7	MEDIUM Adjacent	sooil	anydana-a_firmware anydana-i_firmware diabecare_rs_firmware	SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump b…	NVD-CWE-noinfo	CVE-2020-27272	2024-11-21 14:20	2021-01-20	Show	GitHub Exploit DB Packet Storm

209432	5.7	MEDIUM Adjacent	sooil	anydana-a_firmware anydana-i_firmware diabecare_rs_firmware	SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in tra…	CWE-522 Insufficiently Protected Credentials	CVE-2020-27270	2024-11-21 14:20	2021-01-20	Show	GitHub Exploit DB Packet Storm

209433	6.1	MEDIUM Network	eclipse	hawkbit	In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST reques…	CWE-79 Cross-site Scripting	CVE-2020-27219	2024-11-21 14:20	2021-01-15	Show	GitHub Exploit DB Packet Storm

209434	5.4	MEDIUM Network	skyworth	gn542vf_firmware	Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS…	CWE-79 Cross-site Scripting	CVE-2020-26733	2024-11-21 14:20	2021-01-15	Show	GitHub Exploit DB Packet Storm

209435	7.5	HIGH Network	skyworth	gn542vf_boa_firmware	SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this…	CWE-311 Missing Encryption of Sensitive Data	CVE-2020-26732	2024-11-21 14:20	2021-01-15	Show	GitHub Exploit DB Packet Storm

209436	8.8	HIGH Network	eclipse	hono	The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a…	CWE-862 Missing Authorization	CVE-2020-27220	2024-11-21 14:20	2021-01-15	Show	GitHub Exploit DB Packet Storm

209437	9.1	CRITICAL Network	ptc ge rockwellautomation softwaretoolbox	opc-aggregator thingworx_industrial_connectivity thingworx_kepware_server kepware_kepserverex industrial_gateway_server kepserver_enterprise top_server	KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital…	CWE-787 Out-of-bounds Write	CVE-2020-27267	2024-11-21 14:20	2021-01-14	Show	GitHub Exploit DB Packet Storm

209438	9.8	CRITICAL Network	ptc ge rockwellautomation softwaretoolbox	opc-aggregator thingworx_industrial_connectivity thingworx_kepware_server kepware_kepserverex industrial_gateway_server kepserver_enterprise top_server	KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital…	CWE-787 Out-of-bounds Write	CVE-2020-27265	2024-11-21 14:20	2021-01-14	Show	GitHub Exploit DB Packet Storm

209439	9.1	CRITICAL Network	ptc ge rockwellautomation softwaretoolbox	opc-aggregator thingworx_industrial_connectivity thingworx_kepware_server kepware_kepserverex industrial_gateway_server kepserver_enterprise top_server	KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital…	CWE-787 Out-of-bounds Write	CVE-2020-27263	2024-11-21 14:20	2021-01-14	Show	GitHub Exploit DB Packet Storm

209440	8.8	HIGH Network	siemens	teamcenter_visualization jt2go	A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsi…	CWE-125 Out-of-bounds Read	CVE-2020-26996	2024-11-21 14:20	2021-01-13	Show	GitHub Exploit DB Packet Storm