Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233081 4.3 警告 smartscript - Smartscript Domain Trader の catalog.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0688 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233082 7.5 危険 youtube - Youtube Clone Script の siteadmin/editor_files/includes/load_message.php におけるクロスサイトスクリプティングの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0687 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233083 7.5 危険 WordPress.org - WordPress 用の st_newsletter プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0683 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233084 7.5 危険 WordPress.org - WordPress 用の Wordspew プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0682 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233085 6.8 警告 phpshop - PHPShop の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0681 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233086 7.5 危険 the everything development company - The Everything Development System の The Everything Development Engine における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0675 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233087 7.5 危険 tintin - TinTin++ および WinTin++ におけるホームディレクトリの一番上のレベルにある任意のファイルを切り捨てられる脆弱性 CWE-DesignError
CVE-2008-0673 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233088 5 警告 tintin - TinTin++ および WinTin++ の process_chat_input 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0672 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233089 10 危険 tintin - TinTin++ および WinTin++ の add_line_buffer 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0671 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
233090 4.3 警告 sift - Sift Unity の search.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0669 2012-12-20 18:34 2008-02-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313971 4.4 MEDIUM
Local 		- - Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These… CWE-59
Link Following 		CVE-2023-20004 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313972 5.4 MEDIUM
Network 		- - A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against … CWE-79
Cross-site Scripting 		CVE-2022-20948 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313973 4.3 MEDIUM
Network 		- - A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vul… CWE-922
 Insecure Storage of Sensitive Information 		CVE-2022-20939 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313974 6.1 MEDIUM
Network 		- - IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering th… CWE-79
Cross-site Scripting 		CVE-2024-41785 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313975 - - - A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the inp… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-11243 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313976 - - - A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ad_list.php?action=pass of the component Keyword Filter… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-11242 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313977 6.5 MEDIUM
Adjacent 		- - A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the soft… CWE-527
 Exposure of Version-Control Repository to an Unauthorized Control Sphere 		CVE-2022-20931 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313978 6.3 MEDIUM
Network 		- - A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote … CWE-78
OS Command  		CVE-2022-20871 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313979 7.4 HIGH
Network 		- - A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack o… CWE-352
 Origin Validation Error 		CVE-2022-20853 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313980 6.1 MEDIUM
Adjacent 		- - A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to contin… CWE-391
 Unchecked Error Condition 		CVE-2022-20849 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm