Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232621	10	危険	tmsnc	-	tmsnc におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-2828	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

232622	4.3	警告	Xerox	-	Xerox WorkCentre M123 などの組込み Web Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2825	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232623	10	危険	Xerox	-	Xerox WorkCentre 7655 などの Web Services における変更を設定される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2824	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232624	7.5	危険	phpeasynews	-	PHPeasyblog の newsarchive.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2823	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

232625	4.3	警告	shoutcastadmin	-	WallCity-Server Shoutcast Admin Panel におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2814	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

232626	6.8	警告	shoutcastadmin	-	WallCity-Server Shoutcast Admin Panel の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2813	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

232627	6.8	警告	シマンテック	-	Symantec Altiris Notification Server Agent の GUI における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2794	2012-12-20 18:52	2008-06-17	Show	GitHub Exploit DB Packet Storm

232628	6.4	警告	Spamdyke	-	spamdyke の smtp_filter 関数におけるオープンメールリレーとしてサーバを使用される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2784	2012-12-20 18:52	2008-06-19	Show	GitHub Exploit DB Packet Storm

232629	7.5	危険	revokesoft	-	RevokeBB の Search System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2778	2012-12-20 18:52	2008-06-19	Show	GitHub Exploit DB Packet Storm

232630	7.5	危険	phpraider	-	Simple Machines phpRaider の authentication/smf/smf.functions.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2769	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211791	6.8	MEDIUM Physics	solokeys nitrokey	solo_firmware somu_firmware fido2_firmware	The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade …	CWE-326 Inadequate Encryption Strength	CVE-2020-27208	2024-11-21 14:20	2021-05-21	Show	GitHub Exploit DB Packet Storm

211792	7.5	HIGH Network	micro-ecc_project	micro-ecc	The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key.	NVD-CWE-noinfo	CVE-2020-27209	2024-11-21 14:20	2021-05-21	Show	GitHub Exploit DB Packet Storm

211793	7.5	HIGH Network	moxa	nport_ia5150a_firmware nport_ia5250a_firmware nport_ia5450a_firmware	Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, …	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-27185	2024-11-21 14:20	2021-05-14	Show	GitHub Exploit DB Packet Storm

211794	5.9	MEDIUM Network	moxa	nport_ia5150a_firmware nport_ia5250a_firmware nport_ia5450a_firmware	The NPort IA5000A Series devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-th…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-27184	2024-11-21 14:20	2021-05-14	Show	GitHub Exploit DB Packet Storm

211795	7.5	HIGH Network	moxa	nport_ia5150a_firmware nport_ia5250a_firmware nport_ia5450a_firmware	In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-…	NVD-CWE-noinfo	CVE-2020-27150	2024-11-21 14:20	2021-05-14	Show	GitHub Exploit DB Packet Storm

211796	6.5	MEDIUM Network	moxa	nport_ia5150a_firmware nport_ia5250a_firmware nport_ia5450a_firmware	By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration chan…	NVD-CWE-noinfo	CVE-2020-27149	2024-11-21 14:20	2021-05-14	Show	GitHub Exploit DB Packet Storm

211797	7.5	HIGH Network	kaspersky	password_manager	Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker woul…	CWE-326 Inadequate Encryption Strength	CVE-2020-27020	2024-11-21 14:20	2021-05-14	Show	GitHub Exploit DB Packet Storm

211798	8.8	HIGH Network	openclinic_ga_project	openclinic_ga	An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authen…	CWE-89 SQL Injection	CVE-2020-27246	2024-11-21 14:20	2021-05-11	Show	GitHub Exploit DB Packet Storm

211799	8.8	HIGH Network	openclinic_ga_project	openclinic_ga	An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenti…	CWE-89 SQL Injection	CVE-2020-27245	2024-11-21 14:20	2021-05-11	Show	GitHub Exploit DB Packet Storm

211800	8.8	HIGH Network	openclinic_ga_project	openclinic_ga	An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authentic…	CWE-89 SQL Injection	CVE-2020-27244	2024-11-21 14:20	2021-05-11	Show	GitHub Exploit DB Packet Storm