Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230991 10 危険 titan - Titan FTP Server の FTP サービスなどにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0725 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230992 5 警告 the everything development company - The Everything Development System の The Everything Development Engine におけるユーザアカウントへアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0724 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230993 4.3 警告 planetluc - MyNews の mynews.inc.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0723 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230994 4.3 警告 Webmin Project - Webmin および Usermin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0720 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230995 6.8 警告 シマンテック - Symantec Altiris Notification Server のエージェントにおける権限を取得される脆弱性 CWE-DesignError
CVE-2008-0716 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
230996 5 警告 sflog - sflog! におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0703 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230997 9.3 危険 south river technologies - Titan FTP Server におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0702 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230998 7.8 危険 print manager plus - Print Manager Plus 2008 Client Billing and Authentication におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0693 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
230999 4.3 警告 simon elvery
WordPress.org		 - WordPress 用の Simon Elvery WP-Footnotes プラグイにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0691 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
231000 4.3 警告 smartscript - Smartscript Domain Trader の catalog.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0688 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213611 9.8 CRITICAL
Network 		claws-mail
fedoraproject
opensuse 		claws-mail
fedora
leap
backports_sle 		common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled. NVD-CWE-noinfo
CVE-2020-15917 2024-11-21 14:06 2020-07-24 Show GitHub Exploit DB Packet Storm
213612 9.8 CRITICAL
Network 		tenda ac15_firmware goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. CWE-78
OS Command  		CVE-2020-15916 2024-11-21 14:06 2020-07-24 Show GitHub Exploit DB Packet Storm
213613 6.5 MEDIUM
Adjacent 		tesla model_3_firmware Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue NVD-CWE-noinfo
CVE-2020-15912 2024-11-21 14:06 2020-07-24 Show GitHub Exploit DB Packet Storm
213614 8.8 HIGH
Network 		softwareupdate_project softwareupdate A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter o… CWE-89
SQL Injection 		CVE-2020-15887 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
213615 8.8 HIGH
Network 		reportdata_project reportdata A SQL injection vulnerability in reportdata_controller.php in the reportdata module before 3.5 for MunkiReport allows attackers to execute arbitrary SQL commands via the req parameter of the /module/… CWE-89
SQL Injection 		CVE-2020-15886 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
213616 5.4 MEDIUM
Network 		munkireport_project comment A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment. CWE-79
Cross-site Scripting 		CVE-2020-15885 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
213617 8.8 HIGH
Network 		munkireport_project munkireport A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. CWE-89
SQL Injection 		CVE-2020-15884 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
213618 6.1 MEDIUM
Network 		managedinstalls_project managedinstalls A Cross-Site Scripting (XSS) vulnerability in the managedinstalls module before 2.6 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the last two URL parameters (thr… CWE-79
Cross-site Scripting 		CVE-2020-15883 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
213619 8.1 HIGH
Network 		munkireport_project munkireport A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database. CWE-352
 Origin Validation Error 		CVE-2020-15882 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
213620 6.1 MEDIUM
Network 		munki_facts_project munki_facts A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module before 1.5 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name. CWE-79
Cross-site Scripting 		CVE-2020-15881 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm