Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
247601	4.3	警告	Claroline Consortium	-	Claroline におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3315	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247602	7.5	危険	creacms	-	CreaCMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-3313	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247603	7.5	危険	adam scheinberg	-	Adam Scheinberg Flip の config.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-3311	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247604	7.5	危険	digiappz	-	DigiLeave の info_book.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3309	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247605	6.8	警告	carlos desseno	-	C. Desseno YouTube Blog の cuenta/cuerpo.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-3308	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247606	4.3	警告	carlos desseno	-	C. Desseno YouTube Blog の mensaje.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3305	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247607	7.5	危険	alphadmin	-	AlphAdmin CMS における管理アクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-3300	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247608	7.5	危険	eSyndiCat	-	eSyndiCat における管理者アクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3299	2012-06-26 16:02	2008-07-25	Show	GitHub Exploit DB Packet Storm

247609	5	警告	ezwebalbum	-	EZWebAlbum の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3293	2012-06-26 16:02	2008-07-24	Show	GitHub Exploit DB Packet Storm

247610	6.4	警告	ezwebalbum	-	constants.inc の EZWebAlbum における管理者権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3292	2012-06-26 16:02	2008-07-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219611	5.5	MEDIUM Local	oppo	reno3_pro_firmware find_x2_pro_firmware	In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerabil…	CWE-787 Out-of-bounds Write	CVE-2020-11834	2024-11-21 13:58	2021-01-1	Show	GitHub Exploit DB Packet Storm

219612	5.5	MEDIUM Local	oppo	reno3_pro_firmware find_x2_pro_firmware	In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerabilit…	CWE-787 Out-of-bounds Write	CVE-2020-11833	2024-11-21 13:58	2021-01-1	Show	GitHub Exploit DB Packet Storm

219613	5.5	MEDIUM Local	oppo	reno3_pro_firmware find_x2_pro_firmware	In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerabili…	CWE-787 Out-of-bounds Write	CVE-2020-11832	2024-11-21 13:58	2021-01-1	Show	GitHub Exploit DB Packet Storm

219614	3.8	LOW Local	qemu	qemu	iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.	CWE-125 Out-of-bounds Read	CVE-2020-11947	2024-11-21 13:58	2020-12-31	Show	GitHub Exploit DB Packet Storm

219615	7.5	HIGH Network	bilanc	bilanc	An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key.	CWE-798 Use of Hard-coded Credentials	CVE-2020-11719	2024-11-21 13:58	2020-12-24	Show	GitHub Exploit DB Packet Storm

219616	9.8	CRITICAL Network	bilanc	bilanc	An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and passwor…	CWE-798 Use of Hard-coded Credentials	CVE-2020-11720	2024-11-21 13:58	2020-12-24	Show	GitHub Exploit DB Packet Storm

219617	7.4	HIGH Network	bilanc	bilanc	An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-11718	2024-11-21 13:58	2020-12-24	Show	GitHub Exploit DB Packet Storm

219618	9.8	CRITICAL Network	bilanc	bilanc	An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities.	CWE-89 SQL Injection	CVE-2020-11717	2024-11-21 13:58	2020-12-22	Show	GitHub Exploit DB Packet Storm

219619	3.3	LOW Local	audacityteam fedoraproject	audacity fedora	Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and…	CWE-276 Incorrect Default Permissions	CVE-2020-11867	2024-11-21 13:58	2020-12-1	Show	GitHub Exploit DB Packet Storm

219620	9.8	CRITICAL Network	oppo	ovoicemanager	OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-11831	2024-11-21 13:58	2020-11-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed