Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232371 6.8 警告 webchamado - WebChamado の lista_anexos.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2906 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
232372 7.5 危険 phpmycart - Conkurent PHPMyCart の shop.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2904 2012-12-20 18:52 2008-06-30 Show GitHub Exploit DB Packet Storm
232373 7.5 危険 phpauction - PHPAuction の item.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2900 2012-12-20 18:52 2008-06-27 Show GitHub Exploit DB Packet Storm
232374 6.8 警告 wise-ftp - AceBIT WISE-FTP の FTP クライアントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2889 2012-12-20 18:52 2008-06-27 Show GitHub Exploit DB Packet Storm
232375 9.3 危険 rss aggregator - RSS-aggregator の display.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2884 2012-12-20 18:52 2008-06-27 Show GitHub Exploit DB Packet Storm
232376 5 警告 relative real estate systems - Relative Real Estate Systems における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2881 2012-12-20 18:52 2008-06-26 Show GitHub Exploit DB Packet Storm
232377 6.4 警告 yektaweb - AWT YEKTA の rss_getfile.php におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2008-2878 2012-12-20 18:52 2008-06-26 Show GitHub Exploit DB Packet Storm
232378 7.5 危険 webdevindo-cms - Webdevindo-CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2875 2012-12-20 18:52 2008-06-26 Show GitHub Exploit DB Packet Storm
232379 7.5 危険 SoftbizScripts - Softbiz Jokes & Funny Pics Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2874 2012-12-20 18:52 2008-06-26 Show GitHub Exploit DB Packet Storm
232380 7.5 危険 sharecms - ShareCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2870 2012-12-20 18:52 2008-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211651 7.5 HIGH
Network 		octopus octopus_deploy An issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may allow an untrusted tentacle host to present itself as a trusted one. NVD-CWE-noinfo
CVE-2020-27155 2024-11-21 14:20 2020-10-23 Show GitHub Exploit DB Packet Storm
211652 5.3 MEDIUM
Network 		atomx atomxcms AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php CWE-22
CWE-668
Path Traversal
 Exposure of Resource to Wrong Sphere 		CVE-2020-26650 2024-11-21 14:20 2020-10-23 Show GitHub Exploit DB Packet Storm
211653 8.1 HIGH
Network 		atomx atomxcms_2 AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php CWE-306
CWE-862
Missing Authentication for Critical Function
 Missing Authorization 		CVE-2020-26649 2024-11-21 14:20 2020-10-23 Show GitHub Exploit DB Packet Storm
211654 5.3 MEDIUM
Network 		lightning_network_daemon_project lightning_network_daemon Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by an… CWE-354
 Improper Validation of Integrity Check Value 		CVE-2020-26895 2024-11-21 14:20 2020-10-21 Show GitHub Exploit DB Packet Storm
211655 6.1 MEDIUM
Network 		matrix synapse AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Syn… CWE-79
Cross-site Scripting 		CVE-2020-26891 2024-11-21 14:20 2020-10-20 Show GitHub Exploit DB Packet Storm
211656 9.8 CRITICAL
Network 		libtaxii_project
eclecticiq 		libtaxii
opentaxii 		TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the no_network setting is… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-27197 2024-11-21 14:20 2020-10-18 Show GitHub Exploit DB Packet Storm
211657 8.2 HIGH
Network 		lightning_network_daemon_project lightning_network_daemon Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. While claiming on-chain a received HTLC output, it didn't verify that the corresponding outgoing off-… CWE-354
 Improper Validation of Integrity Check Value 		CVE-2020-26896 2024-11-21 14:20 2020-10-21 Show GitHub Exploit DB Packet Storm
211658 5.5 MEDIUM
Local 		linux linux_kernel An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a. CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2020-27194 2024-11-21 14:20 2020-10-17 Show GitHub Exploit DB Packet Storm
211659 7.5 HIGH
Network 		apereo central_authentication_service Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication. NVD-CWE-noinfo
CVE-2020-27178 2024-11-21 14:20 2020-10-17 Show GitHub Exploit DB Packet Storm
211660 5.4 MEDIUM
Network 		testimonial_rotator_project testimonial_rotator Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php. If a user intercepts a request and inserts a payload in "cite" parameter, the payload will … CWE-79
Cross-site Scripting 		CVE-2020-26672 2024-11-21 14:20 2020-10-17 Show GitHub Exploit DB Packet Storm