Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226931 7.5 危険 qsoft-inc - Qsoft K-Rate Premium における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7097 2012-12-20 19:10 2009-08-27 Show GitHub Exploit DB Packet Storm
226932 5 警告 unica - Unica Affinium Campaign のリスナーサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7094 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226933 6.8 警告 unica - Unica Affinium Campaign におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-7093 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226934 4.3 警告 unica - Unica Affinium Campaign におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7092 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226935 7.5 危険 Pligg - Pligg における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7091 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226936 7.8 危険 Pligg - Pligg におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-7090 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226937 4.3 警告 Pligg - Pligg におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7089 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226938 7.5 危険 thehockeystop - TheHockeyStop HockeySTATS Online における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7085 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
226939 7.5 危険 revou - ReVou Micro Blogging Twitter クローンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7083 2012-12-20 19:10 2009-08-25 Show GitHub Exploit DB Packet Storm
226940 4.3 警告 Simple Machines
phpraider		 - Simple Machines phpRaider の不特定のコンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7035 2012-12-20 19:10 2009-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214041 7.2 HIGH
Network 		miniblog_project miniblog madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in app_code/handlers/PostHandler.cs writ… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9842 2024-11-21 13:52 2019-06-15 Show GitHub Exploit DB Packet Storm
214042 7.8 HIGH
Local 		dahuasecurity ipc-hfw1xxx_firmware
ipc-hdw1xxx_firmware
ipc-hfw2xxx_firmware 		Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-9676 2024-11-21 13:52 2019-06-13 Show GitHub Exploit DB Packet Storm
214043 5.3 MEDIUM
Network 		wpengine wpgraphql The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled. CWE-306
Missing Authentication for Critical Function 		CVE-2019-9881 2024-11-21 13:52 2019-06-11 Show GitHub Exploit DB Packet Storm
214044 9.1 CRITICAL
Network 		wpengine wpgraphql An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such a… CWE-306
Missing Authentication for Critical Function 		CVE-2019-9880 2024-11-21 13:52 2019-06-11 Show GitHub Exploit DB Packet Storm
214045 9.8 CRITICAL
Network 		wpengine wpgraphql The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutatio… CWE-306
Missing Authentication for Critical Function 		CVE-2019-9879 2024-11-21 13:52 2019-06-11 Show GitHub Exploit DB Packet Storm
214046 8.8 HIGH
Network 		northern cfengine Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2019-9929 2024-11-21 13:52 2019-06-7 Show GitHub Exploit DB Packet Storm
214047 9.8 CRITICAL
Network 		pydio pydio An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by placing it on the fourth line of a .php fi… CWE-22
CWE-434
Path Traversal
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9642 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm
214048 8.8 HIGH
Local 		synaptics sound_device Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an un… NVD-CWE-noinfo
CVE-2019-9730 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm
214049 8.8 HIGH
Network 		freenetproject freenet Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. CWE-19
 Data Processing Errors 		CVE-2019-9673 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm
214050 6.1 MEDIUM
Network 		gilacms gila_cms Gila CMS 1.9.1 has XSS. CWE-79
Cross-site Scripting 		CVE-2019-9647 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm