Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226861 7.5 危険 YABSoft - YABSoft Mega File Hosting の cross.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0966 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
226862 5 警告 xlinesoft - PHPRunner の UserView_list.php における権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-0964 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
226863 7.5 危険 xlinesoft - PHPRunner における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0963 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
226864 10 危険 The Tor Project - Tor における脆弱性 CWE-noinfo
情報不足 		CVE-2009-0939 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
226865 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0938 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
226866 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0937 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
226867 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0936 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
226868 4.3 警告 ProcessOne - ejabberd におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0934 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
226869 7.5 危険 roman bogorodskiy - nForum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0882 2012-12-20 19:10 2009-03-12 Show GitHub Exploit DB Packet Storm
226870 5 警告 wesnoth - Wesnoth の src/terrain_translation.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-0878 2012-12-20 19:10 2009-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222701 7.7 HIGH
Network 		video_converter_project video_converter The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The worklo… CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2019-18214 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222702 6.1 MEDIUM
Network 		etherpad etherpad templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer. CWE-79
Cross-site Scripting 		CVE-2019-18209 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222703 5.3 MEDIUM
Network 		wago pfc_firmware Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via craft… NVD-CWE-noinfo
CVE-2019-18202 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222704 7.8 HIGH
Local 		linux
canonical 		linux_kernel
ubuntu_linux 		In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag,… CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2019-18198 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222705 7.5 HIGH
Network 		xmlsoft
debian
canonical 		libxslt
debian_linux
ubuntu_linux 		In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds ch… CWE-416
CWE-908
 Use After Free
 Use of Uninitialized Resource 		CVE-2019-18197 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222706 9.8 CRITICAL
Network 		sagemath sagemathcell An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary c… CWE-94
CWE-78
Code Injection
OS Command  		CVE-2019-17526 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222707 9.8 CRITICAL
Network 		tomedo server The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors. Basic authentication is used for the authent… CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
 Insufficiently Protected Credentials 		CVE-2019-17393 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222708 8.8 HIGH
Network 		openwrt openwrt OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, … CWE-352
 Origin Validation Error 		CVE-2019-17367 2024-11-21 13:32 2019-10-19 Show GitHub Exploit DB Packet Storm
222709 7.5 HIGH
Network 		ratpack_project ratpack An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted da… CWE-74
Injection 		CVE-2019-17513 2024-11-21 13:32 2019-10-18 Show GitHub Exploit DB Packet Storm
222710 7.8 HIGH
Local 		gnu guix GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-18192 2024-11-21 13:32 2019-10-18 Show GitHub Exploit DB Packet Storm