Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246441 7.5 危険 Drupal - Drupal 用の EveryBlog モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6137 2012-06-26 16:10 2008-10-8 Show GitHub Exploit DB Packet Storm
246442 5 警告 codecall
Joomla!		 - Joomla! の ionfiles コンポーネントの download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6080 2012-06-26 16:10 2009-02-6 Show GitHub Exploit DB Packet Storm
246443 10 危険 Enlightenment - imlib2 における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2008-6079 2012-06-26 16:10 2009-02-6 Show GitHub Exploit DB Packet Storm
246444 5 警告 GraphicsMagick - GraphicsMagick におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-6072 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
246445 10 危険 GraphicsMagick - GraphicsMagick の DecodeImage 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6071 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
246446 9.3 危険 GraphicsMagick - GraphicsMagick の ReadPALMImage 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-6070 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
246447 6.8 警告 e107.org
123flashchat		 - eChat プラグインの e107chat.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6069 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
246448 7.5 危険 DomPHP - DomPHP における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6064 2012-06-26 16:10 2009-02-4 Show GitHub Exploit DB Packet Storm
246449 4.3 警告 ex-designs - World Recipe におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6056 2012-06-26 16:10 2009-02-4 Show GitHub Exploit DB Packet Storm
246450 4.3 警告 adbnewssender - ADbNewsSender におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6047 2012-06-26 16:10 2009-02-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
218571 9.8 CRITICAL
Network 		bigbluebutton bigbluebutton BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename (lowercase) value can be a .pdf filename while the presFilename (mixed case) value has a ../ sequen… CWE-22
Path Traversal 		CVE-2020-12443 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218572 9.8 CRITICAL
Network 		ivanti avalanche Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250. CWE-89
SQL Injection 		CVE-2020-12442 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218573 5.4 MEDIUM
Network 		opmantek open-audit Open-AudIT 3.3.0 allows an XSS attack after login. CWE-79
Cross-site Scripting 		CVE-2020-12261 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218574 7.7 HIGH
Network 		tiny_file_manager_project tiny_file_manager In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scop… CWE-22
Path Traversal 		CVE-2020-12103 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218575 5.4 MEDIUM
Network 		php-fusion php-fusion An XSS vulnerability exists in the banners.php page of PHP-Fusion 9.03.50. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT tags. A malicious actor … CWE-79
Cross-site Scripting 		CVE-2020-12438 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218576 7.7 HIGH
Network 		tiny_file_manager_project tiny_file_manager In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the fi… CWE-22
Path Traversal 		CVE-2020-12102 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218577 6.5 MEDIUM
Network 		redhat libvirt
enterprise_linux 		An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is respons… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2020-12430 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218578 9.8 CRITICAL
Network 		phpgurukul online_course_registration Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_a… CWE-89
SQL Injection 		CVE-2020-12429 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218579 7.5 HIGH
Network 		openldap
debian
opensuse
canonical
netapp
broadcom
apple
oracle 		openldap
debian_linux
leap
ubuntu_linux
cloud_backup
steelstore_cloud_integrated_storage
h410c_firmware
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h5… 		In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). CWE-674
 Uncontrolled Recursion 		CVE-2020-12243 2024-11-21 13:59 2020-04-29 Show GitHub Exploit DB Packet Storm
218580 4.3 MEDIUM
Network 		octopus octopus_deploy In Octopus Deploy before 2019.12.9 and 2020 before 2020.1.12, the TaskView permission is not scoped to any dimension. For example, a scoped user who is scoped to only one tenant can view server tasks… NVD-CWE-noinfo
CVE-2020-12286 2024-11-21 13:59 2020-04-28 Show GitHub Exploit DB Packet Storm