Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227181 7.5 危険 webportal - WebPortal CMS の actions.php における任意のアカウントへのアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0141 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227182 6.4 警告 uebimiau - Uebimiau Webmail の error.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0140 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227183 7.5 危険 snetworks - SNETWORKS PHP CLASSIFIEDS の config.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0137 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227184 5 警告 snitz forums 2000 - Snitz Forums 2000 における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-0136 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227185 5 警告 snitz forums 2000 - Snitz Forums 2000 におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0135 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227186 4.3 警告 snitz forums 2000 - Snitz Forums 2000 の Forums/setup.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0134 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227187 7.5 危険 thomas perez - Tribisur における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0133 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227188 5 警告 pragma systems - Pragma FortressSSH におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-0132 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227189 6.8 警告 siteatschool - Site@School の starnet/addons/slideshow_full.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0129 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
227190 4.3 警告 php-stats - Michael Wagner phpstats の phpstats.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0125 2012-12-20 18:34 2008-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211701 6.5 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary m… CWE-347
CWE-863
 Improper Verification of Cryptographic Signature
 Incorrect Authorization 		CVE-2019-9149 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
211702 4.3 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows importing keys that contain users without a valid self-certification. Keys that are obviously invalid are… CWE-295
Improper Certificate Validation  		CVE-2019-9148 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
211703 4.3 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As the settings page is intended to be accessible from web applications, the browser's extension isolation … CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2019-9147 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
211704 9.8 CRITICAL
Network 		jetbrains intellij_idea In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server … CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2019-9186 2024-11-21 13:51 2019-07-4 Show GitHub Exploit DB Packet Storm
211705 5.7 MEDIUM
Adjacent 		gemalto ezio_ds3_server Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control. CWE-294
Authentication Bypass by Capture-replay  		CVE-2019-9158 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
211706 5.7 MEDIUM
Adjacent 		gemalto ezio_ds3_server Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure. CWE-22
Path Traversal 		CVE-2019-9157 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
211707 8.0 HIGH
Adjacent 		gemalto ezio_ds3_server Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection. CWE-78
OS Command  		CVE-2019-9156 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
211708 8.8 HIGH
Network 		primasystems flexair Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately execu… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9189 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
211709 7.5 HIGH
Network 		ikiwiki ikiwiki ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2019-9187 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
211710 10.0 CRITICAL
Network 		citrix application_delivery_management Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control. NVD-CWE-noinfo
CVE-2019-9548 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm