Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
247201	8.5	危険	freeSSHd	-	freeSSHd の SFTP におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-2573	2012-06-26 16:02	2008-06-6	Show	GitHub Exploit DB Packet Storm

247202	4.3	警告	fourtwosevenbb	-	427BB におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2561	2012-06-26 16:02	2008-06-6	Show	GitHub Exploit DB Packet Storm

247203	7.5	危険	fourtwosevenbb	-	427BB の showpost.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2560	2012-06-26 16:02	2008-06-6	Show	GitHub Exploit DB Packet Storm

247204	7.5	危険	Borland Software Corporation	-	Borland Interbase における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2008-2559	2012-06-26 16:02	2008-06-5	Show	GitHub Exploit DB Packet Storm

247205	5	警告	creloaded	-	CRE Loaded におけるクッキーを傍受される脆弱性	CWE-310 暗号の問題	CVE-2008-2558	2012-06-26 16:02	2008-06-5	Show	GitHub Exploit DB Packet Storm

247206	4.3	警告	creloaded	-	CRE Loaded におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2557	2012-06-26 16:02	2008-06-5	Show	GitHub Exploit DB Packet Storm

247207	7.5	危険	easyway	-	EasyWay CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2555	2012-06-26 16:02	2008-06-5	Show	GitHub Exploit DB Packet Storm

247208	7.5	危険	bp blog	-	BP Blog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2554	2012-06-26 16:02	2008-06-5	Show	GitHub Exploit DB Packet Storm

247209	5	警告	Digium	-	Asterisk Addons の ooh323 チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-2543	2012-06-26 16:02	2008-06-5	Show	GitHub Exploit DB Packet Storm

247210	7.5	危険	fkrauthan	-	Phoenix View CMS Pre Alpha2 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2535	2012-06-26 16:02	2008-06-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219821	7.5	HIGH Network	oklok_project	oklok	The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwor…	CWE-613 CWE-307 Insufficient Session Expiration mproper Restriction of Excessive Authentication Attempts	CVE-2020-10876	2024-11-21 13:56	2020-05-4	Show	GitHub Exploit DB Packet Storm

219822	4.7	MEDIUM Local	torchbox	wagtail	In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password …	CWE-362 Race Condition	CVE-2020-11037	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219823	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the…	CWE-79 Cross-site Scripting	CVE-2020-11030	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219824	6.1	MEDIUM Network	debian wordpress	debian_linux wordpress	In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version …	CWE-79 Cross-site Scripting	CVE-2020-11029	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219825	7.5	HIGH Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.…	CWE-306 Missing Authentication for Critical Function	CVE-2020-11028	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219826	8.1	HIGH Network	debian wordpress	debian_linux wordpress	In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious part…	-	CVE-2020-11027	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219827	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user wit…	CWE-79 Cross-site Scripting	CVE-2020-11026	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219828	8.8	HIGH Network	intelmq_manager_project	intelmq_manager	IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of t…	CWE-78 OS Command	CVE-2020-11016	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219829	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated use…	CWE-79 Cross-site Scripting	CVE-2020-11025	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm

219830	9.1	CRITICAL Network	thinx-device-api_project	thinx-device-api	A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and …	-	CVE-2020-11015	2024-11-21 13:56	2020-05-1	Show	GitHub Exploit DB Packet Storm