Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227231 7.5 危険 Smarty - S9Y などの製品で使用される Smarty における任意の PHP 関数を呼び出される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1066 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
227232 4.3 警告 WordPress.org - WordPress 用の Sniplets プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1061 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
227233 7.5 危険 WordPress.org - WordPress 用の Sniplets プラグインにおける任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1060 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
227234 7.5 危険 WordPress.org - WordPress 用の Sniplets プラグインにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1059 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
227235 6.9 警告 symark - Symark PowerBroker におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1056 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
227236 7.5 危険 PHPNUKE - PHP-Nuke 用の Kose_Yazilari モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1053 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
227237 6.8 警告 phpprofiles - phpProfiles の include/body_comm.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1051 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
227238 7.5 危険 softbiz - Softbiz Jokes & Funny Pics Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1050 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
227239 10 危険 positive software - Parallels H-Sphere で使用される Parallels SiteStudio における脆弱性 CWE-noinfo
情報不足 		CVE-2008-1049 2012-12-20 18:34 2008-02-26 Show GitHub Exploit DB Packet Storm
227240 4.3 警告 Plume CMS - Plume CMS の manager/xmedia.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1048 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223041 9.8 CRITICAL
Network 		gitlab gitlab An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials. CWE-798
 Use of Hard-coded Credentials 		CVE-2019-14943 2024-11-21 13:27 2019-08-29 Show GitHub Exploit DB Packet Storm
223042 4.7 MEDIUM
Local 		comodo antivirus A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifi… CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2019-14694 2024-11-21 13:27 2019-08-29 Show GitHub Exploit DB Packet Storm
223043 6.5 MEDIUM
Network 		mikrotik routeros MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to re… CWE-22
Path Traversal 		CVE-2019-15055 2024-11-21 13:27 2019-08-27 Show GitHub Exploit DB Packet Storm
223044 4.3 MEDIUM
Network 		atlassian universal_plugin_manager The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers t… CWE-352
 Origin Validation Error 		CVE-2019-14999 2024-11-21 13:27 2019-08-23 Show GitHub Exploit DB Packet Storm
223045 8.8 HIGH
Network 		tp-link tl-wr840n_firmware The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. CWE-78
OS Command  		CVE-2019-15060 2024-11-21 13:27 2019-08-23 Show GitHub Exploit DB Packet Storm
223046 7.5 HIGH
Network 		nltk nltk NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during e… CWE-22
Path Traversal 		CVE-2019-14751 2024-11-21 13:27 2019-08-23 Show GitHub Exploit DB Packet Storm
223047 7.8 HIGH
Local 		trendmicro antivirus_\+_security_2019
internet_security_2019
maximum_security_2019
premium_security_2019
ransom_buster 		A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if … CWE-427
 Uncontrolled Search Path Element 		CVE-2019-14686 2024-11-21 13:27 2019-08-22 Show GitHub Exploit DB Packet Storm
223048 7.8 HIGH
Local 		trendmicro antivirus_\+_security_2019
internet_security_2019
maximum_security_2019
premium_security_2019 		A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious ser… CWE-428
 Unquoted Search Path or Element 		CVE-2019-14685 2024-11-21 13:27 2019-08-22 Show GitHub Exploit DB Packet Storm
223049 5.3 MEDIUM
Network 		zohocorp manageengine_servicedesk_plus AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended functionality CWE-200
Information Exposure 		CVE-2019-15045 2024-11-21 13:27 2019-08-22 Show GitHub Exploit DB Packet Storm
223050 7.8 HIGH
Local 		trendmicro password_manager A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This proc… CWE-427
 Uncontrolled Search Path Element 		CVE-2019-14687 2024-11-21 13:27 2019-08-20 Show GitHub Exploit DB Packet Storm