Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227281	6.5	警告	xigla	-	Xigla Absolute News Manager XE の search.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2757	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

227282	4.3	警告	xigla	-	Xigla Absolute Control Panel XE の admin/users.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2756	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

227283	7.1	危険	サン・マイクロシステムズ	-	Sun Java System Calendar Server などの cshttpd におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-2749	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

227284	5	警告	skulltag team	-	Skulltag におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-2748	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

227285	4.3	警告	vBulletin Solutions, Inc.	-	vBulletin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2744	2012-12-20 18:52	2008-06-9	Show	GitHub Exploit DB Packet Storm

227286	4.3	警告	Xerox	-	Xerox 4110 などの Copier/Printers の組み込み Web サーバにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2743	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

227287	4.3	警告	TYPO3 Association	-	TYPO3 の fe_adminlib.inc におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2718	2012-12-20 18:52	2008-06-16	Show	GitHub Exploit DB Packet Storm

227288	9.3	危険	サン・マイクロシステムズ	-	Sun Java System AM における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2705	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

227289	4.3	警告	web-album	-	WEBalbum の photo_add-c.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2698	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

227290	7.5	危険	phpinv	-	phpInv の entry.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2695	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222891	7.8	HIGH Local	intel	nuc_8_mainstream_game_kit_firmware nuc_8_mainstream_game_mini_computer_firmware nuc8i7bek_firmware cd1p64gk_firmware nuc8i3cysm_firmware nuc8i7hnk_firmware nuc7i7dnke_firmware nu…	Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.	NVD-CWE-Other	CVE-2019-14610	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222892	6.7	MEDIUM Local	intel	nuc_8_mainstream_game_kit_firmware nuc_8_mainstream_game_mini_computer_firmware nuc8i7bek_firmware cd1p64gk_firmware nuc8i3cysm_firmware nuc8i7hnk_firmware nuc7i7dnke_firmware nu…	Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.	CWE-20 Improper Input Validation	CVE-2019-14609	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222893	7.8	HIGH Local	intel	nuc_8_mainstream_game_kit_firmware nuc_8_mainstream_game_mini_computer_firmware nuc8i7bek_firmware cd1p64gk_firmware nuc8i3cysm_firmware nuc8i7hnk_firmware nuc7i7dnke_firmware nu…	Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-14608	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222894	7.8	HIGH Local	intel	setup_and_configuration_software_platform_discovery_utility	Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack.	CWE-276 Incorrect Default Permissions	CVE-2019-14605	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222895	5.5	MEDIUM Local	intel	quartus_prime	Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local acce…	CWE-476 NULL Pointer Dereference	CVE-2019-14604	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222896	7.8	HIGH Local	intel	quartus_prime	Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of pri…	CWE-276 Incorrect Default Permissions	CVE-2019-14603	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222897	7.8	HIGH Local	intel	control_center-i	Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-426 Untrusted Search Path	CVE-2019-14599	2024-11-21 13:27	2019-12-17	Show	GitHub Exploit DB Packet Storm

222898	5.4	MEDIUM Network	redhat	3scale	A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. An attacker could use this to conduct cross site scripting attacks and gain acce…	-	CVE-2019-14849	2024-11-21 13:27	2019-12-12	Show	GitHub Exploit DB Packet Storm

222899	4.3	MEDIUM Network	atlassian	crucible fisheye	The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper au…	NVD-CWE-noinfo	CVE-2019-15009	2024-11-21 13:27	2019-12-12	Show	GitHub Exploit DB Packet Storm

222900	6.1	MEDIUM Network	atlassian	crucible fisheye	The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulne…	CWE-79 Cross-site Scripting	CVE-2019-15008	2024-11-21 13:27	2019-12-12	Show	GitHub Exploit DB Packet Storm