Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230761 7.5 危険 YABSoft - YABSoft AIH Script の out.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2536 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230762 7.5 危険 quickupcms - Concepts & Solutions QuickUpCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2530 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230763 4.3 警告 TYPO3 Association - TYPO3 用の WT Gallery エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2526 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230764 4.3 警告 TYPO3 Association - TYPO3 用の Event Database エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2525 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230765 7.5 危険 raknet - RakNet の Autopatcher サーバプラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2523 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230766 6.5 警告 YABSoft - YABSoft Mega File Hosting Script の members.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2521 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230767 2.1 注意 sarab - SaraB の sarab.sh スクリプトにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2517 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230768 5 警告 シマンテック - Symantec Backup Exec System Recovery Manager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2512 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
230769 7.5 危険 WordPress.org - WordPress 用 Upload File プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2510 2012-12-20 18:52 2008-05-29 Show GitHub Exploit DB Packet Storm
230770 4.3 警告 tr script news - Tr Script News の news.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2508 2012-12-20 18:52 2008-05-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209431 5.7 MEDIUM
Adjacent 		sooil anydana-a_firmware
anydana-i_firmware
diabecare_rs_firmware 		SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump b… NVD-CWE-noinfo
CVE-2020-27272 2024-11-21 14:20 2021-01-20 Show GitHub Exploit DB Packet Storm
209432 5.7 MEDIUM
Adjacent 		sooil anydana-a_firmware
anydana-i_firmware
diabecare_rs_firmware 		SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in tra… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-27270 2024-11-21 14:20 2021-01-20 Show GitHub Exploit DB Packet Storm
209433 6.1 MEDIUM
Network 		eclipse hawkbit In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST reques… CWE-79
Cross-site Scripting 		CVE-2020-27219 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
209434 5.4 MEDIUM
Network 		skyworth gn542vf_firmware Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS… CWE-79
Cross-site Scripting 		CVE-2020-26733 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
209435 7.5 HIGH
Network 		skyworth gn542vf_boa_firmware SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this… CWE-311
Missing Encryption of Sensitive Data 		CVE-2020-26732 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
209436 8.8 HIGH
Network 		eclipse hono The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a… CWE-862
 Missing Authorization 		CVE-2020-27220 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
209437 9.1 CRITICAL
Network 		ptc
ge
rockwellautomation
softwaretoolbox 		opc-aggregator
thingworx_industrial_connectivity
thingworx_kepware_server
kepware_kepserverex
industrial_gateway_server
kepserver_enterprise
top_server 		KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital… CWE-787
 Out-of-bounds Write 		CVE-2020-27267 2024-11-21 14:20 2021-01-14 Show GitHub Exploit DB Packet Storm
209438 9.8 CRITICAL
Network 		ptc
ge
rockwellautomation
softwaretoolbox 		opc-aggregator
thingworx_industrial_connectivity
thingworx_kepware_server
kepware_kepserverex
industrial_gateway_server
kepserver_enterprise
top_server 		KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital… CWE-787
 Out-of-bounds Write 		CVE-2020-27265 2024-11-21 14:20 2021-01-14 Show GitHub Exploit DB Packet Storm
209439 9.1 CRITICAL
Network 		ptc
ge
rockwellautomation
softwaretoolbox 		opc-aggregator
thingworx_industrial_connectivity
thingworx_kepware_server
kepware_kepserverex
industrial_gateway_server
kepserver_enterprise
top_server 		KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital… CWE-787
 Out-of-bounds Write 		CVE-2020-27263 2024-11-21 14:20 2021-01-14 Show GitHub Exploit DB Packet Storm
209440 8.8 HIGH
Network 		siemens teamcenter_visualization
jt2go 		A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsi… CWE-125
Out-of-bounds Read 		CVE-2020-26996 2024-11-21 14:20 2021-01-13 Show GitHub Exploit DB Packet Storm