Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 9, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 227261 | 7.5 | 危険 | webportal | - | WebPortal CMS の download.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-4345 | 2012-12-20 18:52 | 2008-09-30 | Show | GitHub Exploit DB Packet Storm |
| 227262 | 6 | 警告 | vacilanda | - | Drupal 用の Brilliant Gallery モジュールにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-4338 | 2012-12-20 18:52 | 2008-09-30 | Show | GitHub Exploit DB Packet Storm |
| 227263 | 7.5 | 危険 | phpocs | - | phpOCS の library/pagefunctions.inc.php におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2008-4331 | 2012-12-20 18:52 | 2008-09-30 | Show | GitHub Exploit DB Packet Storm |
| 227264 | 5.8 | 警告 | ViewVC | - | ViewVC の lib/viewvc.py におけるブラウザにコンテンツを誤って解釈させる脆弱性 |
CWE-noinfo
情報不足 |
CVE-2008-4325 | 2012-12-20 18:52 | 2008-06-4 | Show | GitHub Exploit DB Packet Storm |
| 227265 | 10 | 危険 | project-observer | - | Observer における任意のコマンドを実行される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2008-4318 | 2012-12-20 18:52 | 2008-09-29 | Show | GitHub Exploit DB Packet Storm |
| 227266 | 9 | 危険 | phpCollab | - | phpCollab の installation/setup.php における include/settings.php に任意の PHP コードを挿入される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2008-4305 | 2012-12-20 18:52 | 2008-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227267 | 10 | 危険 | phpCollab | - | phpCollab の general/login.php における任意のコマンドを実行される脆弱性 |
CWE-78
OSコマンド・インジェクション |
CVE-2008-4304 | 2012-12-20 18:52 | 2008-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227268 | 6.8 | 警告 | phpCollab | - | phpCollab における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-4303 | 2012-12-20 18:52 | 2008-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227269 | 6.5 | 警告 | rianxosencabos cms | - | Rianxosencabos CMS の Admin Control Panel におけるユーザの権限を変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2008-4245 | 2012-12-20 18:52 | 2008-09-25 | Show | GitHub Exploit DB Packet Storm |
| 227270 | 7.5 | 危険 | webcms | - | webCMS Portal Edition の index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-4185 | 2012-12-20 18:52 | 2008-09-23 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 9, 2026, 5:07 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 222671 | 6.5 |
MEDIUM
Network |
myhtml_project | myhtml | MyHTML through 4.0.5 has a NULL pointer dereference in myhtml_tree_node_remove in tree.c. |
CWE-476
NULL Pointer Dereference |
CVE-2019-16164 | 2024-11-21 13:30 | 2019-09-10 | Show | GitHub Exploit DB Packet Storm |
| 222672 | 7.5 |
HIGH
Network |
oniguruma_project fedoraproject debian canonical |
oniguruma fedora debian_linux ubuntu_linux |
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. |
CWE-674
Uncontrolled Recursion |
CVE-2019-16163 | 2024-11-21 13:30 | 2019-09-10 | Show | GitHub Exploit DB Packet Storm |
| 222673 | 7.5 |
HIGH
Network |
k-takata | onigmo | Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c. |
CWE-125
Out-of-bounds Read |
CVE-2019-16162 | 2024-11-21 13:30 | 2019-09-10 | Show | GitHub Exploit DB Packet Storm |
| 222674 | 6.5 |
MEDIUM
Network |
sqlite netapp canonical fedoraproject debian tenable oracle mcafee |
sqlite steelstore_cloud_integrated_storage oncommand_workflow_automation oncommand_insight ontap_select_deploy_administration_utility active_iq_unified_manager santricity_unified_ma… |
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the … |
CWE-369
Divide By Zero |
CVE-2019-16168 | 2024-11-21 13:30 | 2019-09-10 | Show | GitHub Exploit DB Packet Storm |
| 222675 | 7.5 |
HIGH
Network |
k-takata | onigmo | Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c. |
CWE-476
NULL Pointer Dereference |
CVE-2019-16161 | 2024-11-21 13:30 | 2019-09-10 | Show | GitHub Exploit DB Packet Storm |
| 222676 | 7.5 |
HIGH
Network |
nic opensuse fedoraproject debian |
bird backports_sle fedora debian_linux |
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included… |
CWE-787
Out-of-bounds Write |
CVE-2019-16159 | 2024-11-21 13:30 | 2019-09-10 | Show | GitHub Exploit DB Packet Storm |
| 222677 | 6.1 |
MEDIUM
Network |
sakailms | sakai | Sakai through 12.6 allows XSS via a chat user name. |
CWE-79
Cross-site Scripting |
CVE-2019-16148 | 2024-11-21 13:30 | 2019-09-9 | Show | GitHub Exploit DB Packet Storm |
| 222678 | 4.8 |
MEDIUM
Network |
getgophish | gophish | Gophish through 0.8.0 allows XSS via a username. |
CWE-79
Cross-site Scripting |
CVE-2019-16146 | 2024-11-21 13:30 | 2019-09-9 | Show | GitHub Exploit DB Packet Storm |
| 222679 | 9.8 |
CRITICAL
Network |
atutor | atutor | In ATutor 2.2.4, an unauthenticated attacker can change the application settings and force it to use his crafted database, which allows him to gain access to the application. Next, he can change the … |
CWE-863
Incorrect Authorization |
CVE-2019-16114 | 2024-11-21 13:30 | 2019-09-9 | Show | GitHub Exploit DB Packet Storm |
| 222680 | 7.5 |
HIGH
Network |
generator-rs_project | generator-rs | An issue was discovered in the generator crate before 0.6.18 for Rust. Uninitialized memory is used by Scope, done, and yield_ during API calls. |
CWE-908
Use of Uninitialized Resource |
CVE-2019-16144 | 2024-11-21 13:30 | 2019-09-9 | Show | GitHub Exploit DB Packet Storm |