Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230861	7.5	危険	zipstore	-	Zip Store Chat の admin/index.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2142	2012-12-20 19:10	2009-06-22	Show	GitHub Exploit DB Packet Storm

230862	4.3	警告	tbdev	-	TBDev.NET におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2141	2012-12-20 19:10	2009-06-22	Show	GitHub Exploit DB Packet Storm

230863	9.3	危険	サン・マイクロシステムズ	-	Go-oo の svtools/source/filter.vcl/wmf/enhwmf.cxx におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2139	2012-12-20 19:10	2009-09-8	Show	GitHub Exploit DB Packet Storm

230864	4.3	警告	tbdev	-	TBDev.NET におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2009-2138	2012-12-20 19:10	2009-06-19	Show	GitHub Exploit DB Packet Storm

230865	5	警告	pivot	-	Pivot の pivot/tb.php における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2009-2134	2012-12-20 19:10	2009-06-19	Show	GitHub Exploit DB Packet Storm

230866	4.3	警告	pivot	-	Pivot におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2133	2012-12-20 19:10	2009-06-19	Show	GitHub Exploit DB Packet Storm

230867	6.5	警告	tekbase	-	TekBase All-in-One における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2120	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

230868	7.5	危険	phportal	-	phPortal の uye_paneli.php における管理者アクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2009-2117	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

230869	4	警告	Iconify.it	-	SkyBlueCanvas の admin.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2116	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

230870	6.8	警告	Iconify.it	-	SkyBlueCanvas の admin.php における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2009-2115	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209031	9.8	CRITICAL Network	inxedu	inxedu	SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem.	CWE-89 SQL Injection	CVE-2020-35430	2024-11-21 14:27	2021-04-30	Show	GitHub Exploit DB Packet Storm

209032	5.4	MEDIUM Network	unisys	data_exchange_management_studio	Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack.	CWE-79 Cross-site Scripting	CVE-2020-35542	2024-11-21 14:27	2021-04-27	Show	GitHub Exploit DB Packet Storm

209033	9.8	CRITICAL Network	wondercms	wondercms	A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary cod…	CWE-78 OS Command	CVE-2020-35314	2024-11-21 14:27	2021-04-21	Show	GitHub Exploit DB Packet Storm

209034	9.8	CRITICAL Network	wondercms	wondercms	A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL t…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-35313	2024-11-21 14:27	2021-04-21	Show	GitHub Exploit DB Packet Storm

209035	5.4	MEDIUM Network	monicahq	monica	Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal page.	CWE-79 Cross-site Scripting	CVE-2020-35660	2024-11-21 14:27	2021-04-15	Show	GitHub Exploit DB Packet Storm

209036	6.1	MEDIUM Network	group-office	group_office	Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter.	CWE-79 Cross-site Scripting	CVE-2020-35419	2024-11-21 14:27	2021-04-15	Show	GitHub Exploit DB Packet Storm

209037	5.4	MEDIUM Network	group-office	group_office	Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file.	CWE-79 Cross-site Scripting	CVE-2020-35418	2024-11-21 14:27	2021-04-15	Show	GitHub Exploit DB Packet Storm

209038	9.8	CRITICAL Network	conquest_dicom_server_project	conquest_dicom_server	CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by attackers to execute malicious code.	NVD-CWE-noinfo	CVE-2020-35308	2024-11-21 14:27	2021-04-1	Show	GitHub Exploit DB Packet Storm

209039	5.3	MEDIUM Network	redhat	389_directory_server enterprise_linux directory_server	When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of a…	CWE-203 Information Exposure Through Discrepancy	CVE-2020-35518	2024-11-21 14:27	2021-03-27	Show	GitHub Exploit DB Packet Storm

209040	4.5	MEDIUM Local	linux redhat netapp	linux_kernel enterprise_linux a700s_firmware brocade_fabric_operating_system_firmware fas8300_firmware fas8700_firmware aff_a400_firmware h300s_firmware h500s_firmware h700…	A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local…	-	CVE-2020-35508	2024-11-21 14:27	2021-03-27	Show	GitHub Exploit DB Packet Storm