Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227271	6.4	警告	statcountex	-	StatCounteX における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0843	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

227272	4.4	警告	publicwarehouse	-	Public Warehouse LightBlog の view_member.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0840	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

227273	4.3	警告	ソフォス	-	Sophos ES1000 および ES4000 Email Security Appliance の Web の管理インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0838	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

227274	7.5	危険	simple cms	-	Simple CMS の indexen.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0835	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

227275	7.5	危険	PHPNUKE	-	PHP-Nuke の Books モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0827	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

227276	3.6	注意	scribe	-	Scribe の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0822	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

227277	3.6	注意	plutostatus	-	PlutoStatus Locator の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0819	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

227278	6.4	警告	truc	-	TRUC の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0814	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

227279	5	警告	xpweb	-	XPWeb の Download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0813	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

227280	9.3	危険	reality	-	PHPizabi の image.php における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0805	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223171	5.5	MEDIUM Local	nasm	netwide_assembler	In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled.	CWE-476 NULL Pointer Dereference	CVE-2019-14248	2024-11-21 13:26	2019-07-24	Show	GitHub Exploit DB Packet Storm

223172	5.5	MEDIUM Local	mpg321_project	mpg321	The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file.	CWE-787 Out-of-bounds Write	CVE-2019-14247	2024-11-21 13:26	2019-07-24	Show	GitHub Exploit DB Packet Storm

223173	7.5	HIGH Network	haproxy	proxyprotocol	headerv2.go in mastercactapus proxyprotocol before 0.0.2, as used in the mastercactapus caddy-proxyprotocol plugin through 0.0.2 for Caddy, allows remote attackers to cause a denial of service (webse…	CWE-20 Improper Input Validation	CVE-2019-14243	2024-11-21 13:26	2019-07-24	Show	GitHub Exploit DB Packet Storm

223174	7.5	HIGH Network	haproxy	haproxy	HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-14241	2024-11-21 13:26	2019-07-23	Show	GitHub Exploit DB Packet Storm

223175	8.1	HIGH Network	wcms	wcms	WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI.	CWE-352 CWE-22 Origin Validation Error Path Traversal	CVE-2019-14240	2024-11-21 13:26	2019-07-23	Show	GitHub Exploit DB Packet Storm

223176	9.8	CRITICAL Network	onionbuzz	onionbuzz	An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the ob_get_results ajax nopriv handler due to there being no s…	CWE-89 SQL Injection	CVE-2019-14231	2024-11-21 13:26	2019-07-22	Show	GitHub Exploit DB Packet Storm

223177	9.8	CRITICAL Network	onionbuzz	onionbuzz	An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the set_count ajax nopriv handler due to there being no sanitizati…	CWE-89 SQL Injection	CVE-2019-14230	2024-11-21 13:26	2019-07-22	Show	GitHub Exploit DB Packet Storm

223178	7.5	HIGH Network	foxitsoftware	phantompdf	An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-14215	2024-11-21 13:26	2019-07-22	Show	GitHub Exploit DB Packet Storm

223179	7.5	HIGH Network	foxitsoftware	phantompdf	An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling …	NVD-CWE-noinfo	CVE-2019-14214	2024-11-21 13:26	2019-07-22	Show	GitHub Exploit DB Packet Storm

223180	7.5	HIGH Network	foxitsoftware	phantompdf	An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.	NVD-CWE-noinfo	CVE-2019-14213	2024-11-21 13:26	2019-07-22	Show	GitHub Exploit DB Packet Storm