Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227031 7.5 危険 phpexplorer - phPhotoGallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6802 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
227032 4.4 警告 vivvo - Vivvo CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6801 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
227033 7.5 危険 tufat - FlashChat の connection.php におけるロールフィルタメカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6799 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
227034 7.5 危険 PreProject.com - Pre Projects Pre Real Estate Listings の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6798 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
227035 7.5 危険 PreProject.com - Pre Projects Pre Real Estate Listings の manager/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6796 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
227036 7.5 危険 sfs ez pub - SFS EZ Pub Site の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6794 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
227037 7.5 危険 scripts-for-sites - SFS EZ Adult Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6784 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
227038 7.5 危険 scripts-for-sites - SFS EZ Home Business Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6783 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
227039 7.5 危険 scripts-for-sites - SFS EZ Hosting Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6782 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
227040 7.5 危険 scripts-for-sites - SFS Gaming Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6781 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223821 6.1 MEDIUM
Network 		laracom laracom laracom (aka Laravel FREE E-Commerce Software) 1.4.11 has search?q= XSS. CWE-79
Cross-site Scripting 		CVE-2019-15489 2024-11-21 13:28 2019-08-26 Show GitHub Exploit DB Packet Storm
223822 6.1 MEDIUM
Network 		status_board_project status_board Status Board 1.1.81 has reflected XSS via logic.ts. CWE-79
Cross-site Scripting 		CVE-2019-15478 2024-11-21 13:28 2019-08-26 Show GitHub Exploit DB Packet Storm
223823 7.8 HIGH
Local 		cdemu libmirage filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux… CWE-787
 Out-of-bounds Write 		CVE-2019-15540 2024-11-21 13:28 2019-08-26 Show GitHub Exploit DB Packet Storm
223824 7.5 HIGH
Network 		linux
canonical
netapp
opensuse
debian
fedoraproject 		linux_kernel
ubuntu_linux
data_availability_services
solidfire
hci_management_node
aff_a700s_firmware
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_f… 		An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsi… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-15538 2024-11-21 13:28 2019-08-26 Show GitHub Exploit DB Packet Storm
223825 7.3 HIGH
Local 		webtoffee import_export_wordpress_users The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported C… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2019-15092 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
223826 9.8 CRITICAL
Network 		cesnet proxystatistics The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php. CWE-89
SQL Injection 		CVE-2019-15537 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
223827 9.8 CRITICAL
Network 		youracclaim acclaim The Acclaim block plugin before 2019-06-26 for Moodle allows SQL Injection via delete_records. CWE-89
SQL Injection 		CVE-2019-15536 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
223828 9.8 CRITICAL
Network 		hostosm tasking_manager Tasking Manager before 3.4.0 allows SQL Injection via custom SQL. CWE-89
SQL Injection 		CVE-2019-15535 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
223829 6.5 MEDIUM
Network 		gnu
debian
fedoraproject 		libextractor
debian_linux
fedora 		GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. CWE-125
Out-of-bounds Read 		CVE-2019-15531 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
223830 8.8 HIGH
Network 		dlink dir-823g_firmware An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field… CWE-78
OS Command  		CVE-2019-15530 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm