Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230291 4.3 警告 slashcode.com - Slash におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2553 2012-12-20 18:52 2008-06-5 Show GitHub Exploit DB Packet Storm
230292 9.3 危険 Skype Technologies S.A. - Skype における警告ダイアログを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2545 2012-12-20 18:52 2008-06-6 Show GitHub Exploit DB Packet Storm
230293 7.2 危険 サン・マイクロシステムズ - Sun Solaris 上の Sun Cluster における任意の削除されたファイルデータが読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2539 2012-12-20 18:52 2008-03-30 Show GitHub Exploit DB Packet Storm
230294 7.5 危険 YABSoft - YABSoft AIH Script の out.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2536 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230295 7.5 危険 quickupcms - Concepts & Solutions QuickUpCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2530 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230296 4.3 警告 TYPO3 Association - TYPO3 用の WT Gallery エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2526 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230297 4.3 警告 TYPO3 Association - TYPO3 用の Event Database エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2525 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230298 7.5 危険 raknet - RakNet の Autopatcher サーバプラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2523 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230299 6.5 警告 YABSoft - YABSoft Mega File Hosting Script の members.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2521 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
230300 2.1 注意 sarab - SaraB の sarab.sh スクリプトにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2517 2012-12-20 18:52 2008-06-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291971 9.8 CRITICAL
Network 		swfupload_project swfupload There is an object injection vulnerability in swfupload plugin for wordpress. CWE-74
Injection 		CVE-2013-4144 2024-11-21 10:54 2022-07-1 Show GitHub Exploit DB Packet Storm
291972 6.5 MEDIUM
Network 		otrs otrs Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote atta… CWE-200
Information Exposure 		CVE-2013-4088 2024-11-21 10:54 2020-02-22 Show GitHub Exploit DB Packet Storm
291973 7.5 HIGH
Network 		opensips opensips A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2013-3722 2024-11-21 10:54 2020-02-18 Show GitHub Exploit DB Packet Storm
291974 9.8 CRITICAL
Network 		zabbix zabbix A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code. CWE-20
 Improper Input Validation  		CVE-2013-3738 2024-11-21 10:54 2020-02-18 Show GitHub Exploit DB Packet Storm
291975 9.8 CRITICAL
Network 		invisioncommunity invision_power_board Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution. NVD-CWE-noinfo
CVE-2013-3725 2024-11-21 10:54 2020-02-13 Show GitHub Exploit DB Packet Storm
291976 7.5 HIGH
Network 		varnish_cache_project varnish_cache Varnish HTTP cache before 3.0.4: ACL bug NVD-CWE-Other
CVE-2013-4090 2024-11-21 10:54 2020-02-13 Show GitHub Exploit DB Packet Storm
291977 7.0 HIGH
Local 		spritesoftware spritebackup
spritebud 		A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, … CWE-362
Race Condition 		CVE-2013-3685 2024-11-21 10:54 2020-02-13 Show GitHub Exploit DB Packet Storm
291978 7.8 HIGH
Local 		daum potplayer Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability CWE-426
 Untrusted Search Path 		CVE-2013-3942 2024-11-21 10:54 2020-02-12 Show GitHub Exploit DB Packet Storm
291979 9.8 CRITICAL
Network 		imagely nextgen_gallery NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2013-3684 2024-11-21 10:54 2020-02-12 Show GitHub Exploit DB Packet Storm
291980 5.4 MEDIUM
Network 		projectpier projectpier ProjectPier 0.8.8 does not use the Secure flag for cookies CWE-79
Cross-site Scripting 		CVE-2013-3637 2024-11-21 10:54 2020-02-8 Show GitHub Exploit DB Packet Storm