Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
247361 7.5 危険 Drupal
brian miller		 - Drupal の Taxonomy Timer モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4296 2012-06-26 16:18 2009-12-11 Show GitHub Exploit DB Packet Storm
247362 6.8 警告 barnraiser - AROUNDMe の components/core/connect.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4264 2012-06-26 16:18 2009-12-10 Show GitHub Exploit DB Packet Storm
247363 4.3 警告 Clixint Technologies - Image Hosting Script DPI の images.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4252 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
247364 9.3 危険 コーレル株式会社 - Jasc Paint Shop Pro におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4251 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
247365 4.3 警告 korn19
CutePHP		 - CutePHP CuteNews および UTF-8 CuteNews におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4250 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
247366 2.6 注意 CutePHP - CutePHP CuteNews におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4249 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
247367 7.5 危険 Basic-CMS - SweetRice の as/lib/plugins.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4231 2012-06-26 16:18 2009-12-8 Show GitHub Exploit DB Packet Storm
247368 7.5 危険 Activewebsoftwares - ActiveWebSoftwares Active Bids における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4229 2012-06-26 16:18 2009-12-8 Show GitHub Exploit DB Packet Storm
247369 6.8 警告 Basic-CMS - SweetRice における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4224 2012-06-26 16:18 2009-12-7 Show GitHub Exploit DB Packet Storm
247370 7.5 危険 gianni tommasi - KR-Web の adm/krgourl.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4223 2012-06-26 16:18 2009-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211841 9.8 CRITICAL
Network 		inxedu inxedu SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value. CWE-89
SQL Injection 		CVE-2020-35326 2024-11-21 14:27 2023-01-19 Show GitHub Exploit DB Packet Storm
211842 4.3 MEDIUM
Adjacent 		bluetooth bluetooth_core_specification An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specificati… CWE-203
CWE-294
 Information Exposure Through Discrepancy
Authentication Bypass by Capture-replay  		CVE-2020-35473 2024-11-21 14:27 2022-11-8 Show GitHub Exploit DB Packet Storm
211843 8.8 HIGH
Network 		bigprof online_invoicing_system BigProf Online Invoicing System before 3.0 offers a functionality that allows an administrator to move the records of members across groups. The applicable endpoint (admin/pageTransferOwnership.php) … CWE-352
 Origin Validation Error 		CVE-2020-35675 2024-11-21 14:27 2022-09-29 Show GitHub Exploit DB Packet Storm
211844 9.8 CRITICAL
Network 		bigprof online_invoicing_system BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (the endpoint that is responsible for issuing self-service password res… CWE-89
SQL Injection 		CVE-2020-35674 2024-11-21 14:27 2022-09-29 Show GitHub Exploit DB Packet Storm
211845 5.5 MEDIUM
Local 		libraw libraw In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files. CWE-125
Out-of-bounds Read 		CVE-2020-35535 2024-11-21 14:27 2022-09-2 Show GitHub Exploit DB Packet Storm
211846 5.5 MEDIUM
Local 		libraw libraw In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-35534 2024-11-21 14:27 2022-09-2 Show GitHub Exploit DB Packet Storm
211847 5.5 MEDIUM
Local 		libraw
debian 		libraw
debian_linux 		In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file. CWE-125
Out-of-bounds Read 		CVE-2020-35533 2024-11-21 14:27 2022-09-2 Show GitHub Exploit DB Packet Storm
211848 5.5 MEDIUM
Local 		libraw
debian 		libraw
debian_linux 		In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride fiel… CWE-125
Out-of-bounds Read 		CVE-2020-35532 2024-11-21 14:27 2022-09-2 Show GitHub Exploit DB Packet Storm
211849 5.5 MEDIUM
Local 		libraw
debian 		libraw
debian_linux 		In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file. CWE-125
Out-of-bounds Read 		CVE-2020-35531 2024-11-21 14:27 2022-09-2 Show GitHub Exploit DB Packet Storm
211850 5.5 MEDIUM
Local 		libraw
debian 		libraw
debian_linux 		In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file. CWE-787
 Out-of-bounds Write 		CVE-2020-35530 2024-11-21 14:27 2022-09-2 Show GitHub Exploit DB Packet Storm