Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226991 5 警告 webfileexplorer - Web File Explorer におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1495 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
226992 5 警告 Sendmail Consortium - Sendmail におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1490 2012-12-20 19:10 2009-05-5 Show GitHub Exploit DB Packet Storm
226993 7.5 危険 rens rikkerink - Fungamez の includes/user.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1489 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
226994 6.8 警告 rens rikkerink - FunGamez の admin/load.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-1488 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
226995 7.5 危険 rens rikkerink - FunGamez の pages/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1487 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
226996 6.8 警告 studiolounge - index2.php から到達可能な Adam Patterson Studio Lounge Address Book における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2009-1483 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
226997 7.5 危険 pjhome - PJBlog3 の action.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1481 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
226998 7.5 危険 Pragyan CMS Project - index.php Pragyan CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1480 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
226999 7.5 危険 razorCMS - razorCMS における任意のページへ任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-1463 2012-12-20 19:10 2009-04-20 Show GitHub Exploit DB Packet Storm
227000 7.2 危険 razorCMS - razorCMS の Security Manager における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1462 2012-12-20 19:10 2009-04-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224221 7.8 HIGH
Local 		gnucobol_project gnucobol GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code. CWE-787
 Out-of-bounds Write 		CVE-2019-16395 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
224222 5.3 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscr… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-16394 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
224223 6.1 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. CWE-601
Open Redirect 		CVE-2019-16393 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
224224 6.1 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. CWE-79
Cross-site Scripting 		CVE-2019-16392 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
224225 6.5 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrir… NVD-CWE-noinfo
CVE-2019-16391 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
224226 9.8 CRITICAL
Network 		eq-3 homematic_ccu2_firmware
homematic_ccu3_firmware 		eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related t… CWE-306
Missing Authentication for Critical Function 		CVE-2019-16199 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
224227 9.8 CRITICAL
Network 		trusteddomain
debian
fedoraproject
canonical 		opendmarc
debian_linux
fedora
ubuntu_linux 		OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be rel… CWE-290
 Authentication Bypass by Spoofing 		CVE-2019-16378 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
224228 9.8 CRITICAL
Network 		infradead
fedoraproject
debian
canonical
opensuse 		openconnect
fedora
debian_linux
ubuntu_linux
leap 		process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. CWE-120
Classic Buffer Overflow 		CVE-2019-16239 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
224229 8.2 HIGH
Network 		logmein lastpass LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be … CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2019-16371 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
224230 5.9 MEDIUM
Network 		gradle gradle The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related … CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2019-16370 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm