Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246981 9.3 危険 オートデスク株式会社 - Revit Architecture 2009 SP2 で使用される DWF Viewer ActiveX コントロール (AdView.dll) の CExpressViewerControl クラスにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4471 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
246982 7.5 危険 extrovert software - eXtrovert Thyme の groups モジュールの pick_users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4459 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
246983 7.5 危険 ephpscripts - E-Php B2B Trading Marketplace Script の listings.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4458 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
246984 9.3 危険 dspicture - GdPicture Light Imaging Toolkit の GdPicture4S.Imaging ActiveX コントロールなどにおける任意のファイルを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4453 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
246985 9 危険 cambridge computer corporation - Cambridge Computer Corporation vxFtpSrv におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4452 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
246986 4.3 警告 domain group network - Domain Group Network GooCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4424 2012-06-26 16:02 2008-10-3 Show GitHub Exploit DB Packet Storm
246987 2.1 注意 Debian - sabre の XRunSabre におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2008-4407 2012-06-26 16:02 2008-07-20 Show GitHub Exploit DB Packet Storm
246988 7.2 危険 Debian - sabre の run スクリプトへの特定の Debian のパッチにおける任意のファイルを削除される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4406 2012-06-26 16:02 2008-07-20 Show GitHub Exploit DB Packet Storm
246989 6.9 警告 Gentoo Linux - Portage における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2008-4394 2012-06-26 16:02 2008-10-9 Show GitHub Exploit DB Packet Storm
246990 9.3 危険 シスコシステムズ - Cisco Linksys WVC54GC ワイアレスビデオカメラにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4391 2012-06-26 16:02 2008-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
220181 5.5 MEDIUM
Local 		eaton hmisoft_vu3_firmware Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could trigger an out-of-bounds… CWE-125
Out-of-bounds Read 		CVE-2020-10637 2024-11-21 13:55 2020-04-16 Show GitHub Exploit DB Packet Storm
220182 7.8 HIGH
Local 		targetcli-fb_project targetcli-fb A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this … CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-10699 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220183 8.8 HIGH
Network 		icatchinc dvr_firmware iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command. CWE-77
Command Injection 		CVE-2020-10514 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220184 6.5 MEDIUM
Network 		icatchinc dvr_interface The file management interface of iCatch DVR firmware before 20200103 contains broken access control which allows the attacker to remotely manipulate arbitrary file. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-10513 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220185 8.8 HIGH
Network 		hgiga oaklouds_ccm\@il HGiga C&Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CCMAILN before olln-calendar-5.0-100.i386.rpm contains a SQL Injection vulnerability which allows attackers to injecting SQL commands i… CWE-89
SQL Injection 		CVE-2020-10512 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220186 9.8 CRITICAL
Network 		hgiga oaklouds_ccm\@il HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. Attackers can exploit these flaws to access unauthorized functi… CWE-78
OS Command  		CVE-2020-10511 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220187 9.8 CRITICAL
Network 		the_school_manage_system_project the_school_manage_system The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting ma… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10507 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220188 7.5 HIGH
Network 		the_school_manage_system_project the_school_manage_system The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files. CWE-22
Path Traversal 		CVE-2020-10506 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220189 9.8 CRITICAL
Network 		the_school_manage_system_project the_school_manage_system The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases sch… CWE-89
SQL Injection 		CVE-2020-10505 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm
220190 7.8 HIGH
Local 		mbconnectline mymbconnect24
mbconnect24 		An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local privilege escalation from the www-data account to the root accoun… CWE-269
 Improper Privilege Management 		CVE-2020-10384 2024-11-21 13:55 2020-04-15 Show GitHub Exploit DB Packet Storm