Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248001 5 警告 csphere - Clansphere の install.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0489 2012-06-26 15:55 2008-01-30 Show GitHub Exploit DB Packet Storm
248002 9.3 危険 Comodo
マイクロソフト		 - Comodo AntiVirus の特定の ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-DesignError
CVE-2008-0470 2012-06-26 15:55 2008-01-29 Show GitHub Exploit DB Packet Storm
248003 7.5 危険 flinx - Flinx の category.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0468 2012-06-26 15:55 2008-01-29 Show GitHub Exploit DB Packet Storm
248004 10 危険 Firebird Project - Firebird におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0467 2012-06-26 15:55 2008-01-28 Show GitHub Exploit DB Packet Storm
248005 5 警告 absofort - absofort aconon Mail 2007 Enterprise SQL の archiv.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0464 2012-06-26 15:55 2008-01-25 Show GitHub Exploit DB Packet Storm
248006 6.8 警告 francisco burzi - PHP-Nuke の Search モジュールの index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0461 2012-06-26 15:55 2008-01-25 Show GitHub Exploit DB Packet Storm
248007 6.8 警告 easysitenetwork - Easysitenetwork Recipe の list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0453 2012-06-26 15:55 2008-01-24 Show GitHub Exploit DB Packet Storm
248008 7.5 危険 blogcms - BLOG:CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0450 2012-06-26 15:55 2008-01-24 Show GitHub Exploit DB Packet Storm
248009 7.5 危険 cybergl dev team - phpSearch の utils/class_HTTPRetriever.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0448 2012-06-26 15:55 2008-01-24 Show GitHub Exploit DB Packet Storm
248010 7.5 危険 foojan - Foojan WMS PHP Weblog の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0447 2012-06-26 15:55 2008-01-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211431 6.8 MEDIUM
Physics 		sooil anydana-a_firmware
anydana-i_firmware
diabecare_rs_firmware 		In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin ther… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-27256 2024-11-21 14:20 2021-01-20 Show GitHub Exploit DB Packet Storm
211432 5.7 MEDIUM
Adjacent 		sooil anydana-a_firmware
anydana-i_firmware
diabecare_rs_firmware 		SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i & AnyDana-A mobile apps doesn't use adequate measures to authenticate the… CWE-290
 Authentication Bypass by Spoofing 		CVE-2020-27276 2024-11-21 14:20 2021-01-20 Show GitHub Exploit DB Packet Storm
211433 5.7 MEDIUM
Adjacent 		sooil anydana-a_firmware
anydana-i_firmware
diabecare_rs_firmware 		SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump b… NVD-CWE-noinfo
CVE-2020-27272 2024-11-21 14:20 2021-01-20 Show GitHub Exploit DB Packet Storm
211434 5.7 MEDIUM
Adjacent 		sooil anydana-a_firmware
anydana-i_firmware
diabecare_rs_firmware 		SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in tra… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-27270 2024-11-21 14:20 2021-01-20 Show GitHub Exploit DB Packet Storm
211435 6.1 MEDIUM
Network 		eclipse hawkbit In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST reques… CWE-79
Cross-site Scripting 		CVE-2020-27219 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
211436 5.4 MEDIUM
Network 		skyworth gn542vf_firmware Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS… CWE-79
Cross-site Scripting 		CVE-2020-26733 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
211437 7.5 HIGH
Network 		skyworth gn542vf_boa_firmware SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this… CWE-311
Missing Encryption of Sensitive Data 		CVE-2020-26732 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
211438 8.8 HIGH
Network 		eclipse hono The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a… CWE-862
 Missing Authorization 		CVE-2020-27220 2024-11-21 14:20 2021-01-15 Show GitHub Exploit DB Packet Storm
211439 9.1 CRITICAL
Network 		ptc
ge
rockwellautomation
softwaretoolbox 		opc-aggregator
thingworx_industrial_connectivity
thingworx_kepware_server
kepware_kepserverex
industrial_gateway_server
kepserver_enterprise
top_server 		KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital… CWE-787
 Out-of-bounds Write 		CVE-2020-27267 2024-11-21 14:20 2021-01-14 Show GitHub Exploit DB Packet Storm
211440 9.8 CRITICAL
Network 		ptc
ge
rockwellautomation
softwaretoolbox 		opc-aggregator
thingworx_industrial_connectivity
thingworx_kepware_server
kepware_kepserverex
industrial_gateway_server
kepserver_enterprise
top_server 		KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital… CWE-787
 Out-of-bounds Write 		CVE-2020-27265 2024-11-21 14:20 2021-01-14 Show GitHub Exploit DB Packet Storm