Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230761 7.5 危険 YABSoft - YABSoft AIH Script の out.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2536 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230762 7.5 危険 quickupcms - Concepts & Solutions QuickUpCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2530 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230763 4.3 警告 TYPO3 Association - TYPO3 用の WT Gallery エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2526 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230764 4.3 警告 TYPO3 Association - TYPO3 用の Event Database エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2525 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230765 7.5 危険 raknet - RakNet の Autopatcher サーバプラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2523 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230766 6.5 警告 YABSoft - YABSoft Mega File Hosting Script の members.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2521 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230767 2.1 注意 sarab - SaraB の sarab.sh スクリプトにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2517 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230768 5 警告 シマンテック - Symantec Backup Exec System Recovery Manager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2512 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
230769 7.5 危険 WordPress.org - WordPress 用 Upload File プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2510 2012-12-20 18:52 2008-05-29 Show GitHub Exploit DB Packet Storm
230770 4.3 警告 tr script news - Tr Script News の news.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2508 2012-12-20 18:52 2008-05-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201061 7.5 HIGH
Network 		sympa
fedoraproject
debian 		sympa
fedora
debian_linux 		Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with mal… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-9369 2024-11-21 14:40 2020-02-25 Show GitHub Exploit DB Packet Storm
201062 9.8 CRITICAL
Network 		gnu screen A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly hav… CWE-787
 Out-of-bounds Write 		CVE-2020-9366 2024-11-21 14:40 2020-02-25 Show GitHub Exploit DB Packet Storm
201063 7.5 HIGH
Network 		pureftpd
fedoraproject 		pure-ftpd
fedora 		An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c. CWE-125
Out-of-bounds Read 		CVE-2020-9365 2024-11-21 14:40 2020-02-25 Show GitHub Exploit DB Packet Storm
201064 7.8 HIGH
Local 		sophos cloud_optix
mobile
intercept_x_endpoint
intercept_x_for_server
secure_web_gateway
endpoint_protection 		The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Se… CWE-436
 Interpretation Conflict 		CVE-2020-9363 2024-11-21 14:40 2020-02-25 Show GitHub Exploit DB Packet Storm
201065 7.8 HIGH
Local 		quickheal home_security
internet_security
total_security_multi-device
antivirus_pro
antivirus_for_server
total_security 		The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet… CWE-436
 Interpretation Conflict 		CVE-2020-9362 2024-11-21 14:40 2020-02-25 Show GitHub Exploit DB Packet Storm
201066 9.8 CRITICAL
Network 		networkmanager-ssh_project
debian 		networkmanager-ssh
debian_linux 		danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled. NVD-CWE-noinfo
CVE-2020-9355 2024-11-21 14:40 2020-02-23 Show GitHub Exploit DB Packet Storm
201067 7.5 HIGH
Network 		smartclient smartclient An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL a… CWE-22
Path Traversal 		CVE-2020-9354 2024-11-21 14:40 2020-02-23 Show GitHub Exploit DB Packet Storm
201068 7.5 HIGH
Network 		smartclient smartclient An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL i… CWE-22
Path Traversal 		CVE-2020-9353 2024-11-21 14:40 2020-02-23 Show GitHub Exploit DB Packet Storm
201069 9.8 CRITICAL
Network 		smartclient smartclient An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a … CWE-611
XXE 		CVE-2020-9352 2024-11-21 14:40 2020-02-23 Show GitHub Exploit DB Packet Storm
201070 5.4 MEDIUM
Network 		sas visual_analytics Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly. CWE-79
Cross-site Scripting 		CVE-2020-9350 2024-11-21 14:40 2020-02-23 Show GitHub Exploit DB Packet Storm