Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246251 5 警告 BitDefender
Linux		 - Bitdefender のスキャンエンジンにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-6661 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246252 4.3 警告 comscripts - GEDCOM_TO_MYSQL におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6655 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246253 4.3 警告 coronamatrix - CoronaMatrix phpAddressBook の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6646 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246254 7.5 危険 dotcontent - DotContent FluentCMS の view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6642 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246255 6.5 警告 ASP indir - Shader TV (Beta) における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6641 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246256 7.5 危険 ASP indir - BatmanPorTaL における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6640 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246257 6.8 警告 Pydio - AjaXplorer の admin.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6639 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246258 6.8 警告 geody - Geody Labs Dagger - The Cutting Edge における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6636 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246259 6.8 警告 geody - Geody Labs Dagger - The Cutting Edge における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6635 2012-06-26 16:10 2009-04-7 Show GitHub Exploit DB Packet Storm
246260 9 危険 アバイア - Avaya SES の Web 管理インターフェースにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6709 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
218361 6.5 MEDIUM
Network 		linux
opensuse
debian
canonical
netapp 		linux_kernel
leap
debian_linux
ubuntu_linux
cloud_backup
element_software
steelstore_cloud_integrated_storage
solidfire
hci_management_node
active_iq_unified_manager
sol… 		gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attack… CWE-125
Out-of-bounds Read 		CVE-2020-13143 2024-11-21 14:00 2020-05-19 Show GitHub Exploit DB Packet Storm
218362 7.5 HIGH
Network 		dlink dsp-w215_firmware D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer. NVD-CWE-noinfo
CVE-2020-13136 2024-11-21 14:00 2020-05-19 Show GitHub Exploit DB Packet Storm
218363 6.5 MEDIUM
Adjacent 		dlink dsp-w215_firmware D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-13135 2024-11-21 14:00 2020-05-19 Show GitHub Exploit DB Packet Storm
218364 5.3 MEDIUM
Network 		libreoffice
opensuse 		libreoffice
leap 		If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-12801 2024-11-21 14:00 2020-05-19 Show GitHub Exploit DB Packet Storm
218365 7.2 HIGH
Network 		heinekingmedia stashcat An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with client_key and device_id data in the query string… CWE-200
Information Exposure 		CVE-2020-13129 2024-11-21 14:00 2020-05-18 Show GitHub Exploit DB Packet Storm
218366 5.3 MEDIUM
Network 		health covidsafe COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows for re-identificatio… CWE-269
 Improper Privilege Management 		CVE-2020-12860 2024-11-21 14:00 2020-05-18 Show GitHub Exploit DB Packet Storm
218367 5.3 MEDIUM
Network 		health covidsafe Unnecessary fields in the OpenTrace/BlueTrace protocol in COVIDSafe through v1.0.17 allow a remote attacker to identify a device model by observing cleartext payload data. This allows re-identificati… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-12859 2024-11-21 14:00 2020-05-18 Show GitHub Exploit DB Packet Storm
218368 7.5 HIGH
Network 		health covidsafe Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their adverti… CWE-330
 Use of Insufficiently Random Values 		CVE-2020-12858 2024-11-21 14:00 2020-05-18 Show GitHub Exploit DB Packet Storm
218369 7.5 HIGH
Network 		health covidsafe Caching of GATT characteristic values (TempID) in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to long-term re-identify an Android device running COVIDSafe. CWE-459
 Incomplete Cleanup 		CVE-2020-12857 2024-11-21 14:00 2020-05-18 Show GitHub Exploit DB Packet Storm
218370 9.8 CRITICAL
Network 		alberta
tracetogether
health 		abtracetogether
tracetogether
covidsafe 		OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and … NVD-CWE-noinfo
CVE-2020-12856 2024-11-21 14:00 2020-05-18 Show GitHub Exploit DB Packet Storm