Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227051	7.5	危険	resalecode	-	Request It の addlink.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4691	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227052	4.3	警告	YourFreeWorld.com	-	YourFreeWorld Programs Rating Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4690	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227053	7.5	危険	resalecode	-	PHP Shopping Cart Selling Website Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4689	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227054	4.3	警告	resalecode	-	PHP Shopping Cart Selling Website Script の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4688	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227055	4.3	警告	phplemon	-	phplemon AdQuick の account.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4686	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227056	4.3	警告	phpscriptsnow	-	PHP Scripts Now Astrology の celebrities.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4685	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227057	7.5	危険	Scriptsez.net	-	Good/Bad Vote の vote.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4683	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227058	4.3	警告	Scriptsez.net	-	Good/Bad Vote の vote.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4682	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227059	4.3	警告	php directory source	-	phpDirectorySource の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4681	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

227060	7.5	危険	php directory source	-	phpDirectorySource の search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4680	2012-12-20 19:28	2010-03-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222011	5.5	MEDIUM Local	microsoft	excel office office_365 office_online_server sharepoint_enterprise_server excel_services	An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.	CWE-200 Information Exposure	CVE-2019-1446	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222012	5.4	MEDIUM Network	microsoft	office_online_server	A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is uni…	CWE-346 Origin Validation Error	CVE-2019-1445	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222013	5.5	MEDIUM Local	microsoft	sharepoint_server	A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering creden…	CWE-346 Origin Validation Error	CVE-2019-1442	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222014	6.5	MEDIUM Network	microsoft	sharepoint_foundation sharepoint_enterprise_server sharepoint_server	An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-1443	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222015	8.8	HIGH Network	microsoft	windows_server_2008 windows_7	A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-1441	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222016	5.5	MEDIUM Local	microsoft	windows_10 windows_server_2016 windows_server_2019	An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019…	CWE-200 Information Exposure	CVE-2019-1440	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222017	6.5	MEDIUM Network	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.	CWE-200 Information Exposure	CVE-2019-1439	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222018	7.8	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CV…	NVD-CWE-noinfo	CVE-2019-1438	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222019	7.8	HIGH Local	microsoft	windows_server_2019 windows_10 windows_server_2016	An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CV…	NVD-CWE-noinfo	CVE-2019-1437	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm

222020	5.5	MEDIUM Local	microsoft	windows_10 windows_server_2016 windows_server_2019	An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019…	CWE-200 Information Exposure	CVE-2019-1436	2024-11-21 13:36	2019-11-13	Show	GitHub Exploit DB Packet Storm