Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231081 4.3 警告 torrenttrader - TorrentTrader Classic の account-inbox.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-1172 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
231082 7.8 危険 simm-comm - SCI Photo Chat Server の組み込まれた HTTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1169 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
231083 4.3 警告 sarg - Sarg におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1168 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
231084 10 危険 sarg - Sarg の useragent.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1167 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
231085 7.5 危険 phpComasy - phpComasy の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1164 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
231086 7.5 危険 phparcadescript - phpArcadeScript の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1163 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
231087 7.5 危険 ZyXEL - ZyXEL ZyWALL における権限を取得される脆弱性 CWE-DesignError
CVE-2008-1160 2012-12-20 18:34 2008-03-24 Show GitHub Exploit DB Packet Storm
231088 5.1 警告 The phpMyAdmin Project - phpMyAdmin における SQL インジェクションおよびクロスサイトリクエストフォージェリ攻撃を実行される脆弱性 CWE-352
CWE-89
CVE-2008-1149 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
231089 9.3 危険 synce - SynCE-dccm の vdccm の src/utils.cpp における任意のコマンドを実行される脆弱性 CWE-20
CWE-94
CVE-2008-1136 2012-12-20 18:34 2008-03-4 Show GitHub Exploit DB Packet Storm
231090 4.3 警告 xrms crm - XRMS CRM の admin/users/self.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1129 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209871 6.5 MEDIUM
Network 		gitlab gitlab A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields. CWE-20
CWE-400
 Improper Input Validation 
 Uncontrolled Resource Consumption 		CVE-2020-26409 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209872 3.3 LOW
Local 		google tensorflow In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a q… CWE-20
 Improper Input Validation  		CVE-2020-26270 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209873 7.5 HIGH
Network 		google tensorflow In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the direc… CWE-125
Out-of-bounds Read 		CVE-2020-26269 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209874 7.8 HIGH
Local 		google tensorflow In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation o… CWE-125
Out-of-bounds Read 		CVE-2020-26267 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209875 5.3 MEDIUM
Local 		google tensorflow In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default … CWE-908
 Use of Uninitialized Resource 		CVE-2020-26266 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209876 9.8 CRITICAL
Network 		askey ap5100w_firmware Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an attacker to gain unauthorized access as an admin or root user to t… CWE-521
Weak Password Requirements  		CVE-2020-26201 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209877 4.4 MEDIUM
Local 		google tensorflow In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor i… NVD-CWE-Other
CVE-2020-26268 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209878 8.8 HIGH
Network 		fastadmin fastadmin The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. CWE-74
Injection 		CVE-2020-25967 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209879 3.3 LOW
Local 		google tensorflow In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge … CWE-125
CWE-908
Out-of-bounds Read
 Use of Uninitialized Resource 		CVE-2020-26271 2024-11-21 14:19 2020-12-11 Show GitHub Exploit DB Packet Storm
209880 5.4 MEDIUM
Network 		gitlab gitlab A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a m… CWE-79
Cross-site Scripting 		CVE-2020-26407 2024-11-21 14:19 2020-12-10 Show GitHub Exploit DB Packet Storm