Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227281	6.5	警告	xigla	-	Xigla Absolute News Manager XE の search.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2757	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

227282	4.3	警告	xigla	-	Xigla Absolute Control Panel XE の admin/users.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2756	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

227283	7.1	危険	サン・マイクロシステムズ	-	Sun Java System Calendar Server などの cshttpd におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-2749	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

227284	5	警告	skulltag team	-	Skulltag におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-2748	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

227285	4.3	警告	vBulletin Solutions, Inc.	-	vBulletin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2744	2012-12-20 18:52	2008-06-9	Show	GitHub Exploit DB Packet Storm

227286	4.3	警告	Xerox	-	Xerox 4110 などの Copier/Printers の組み込み Web サーバにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2743	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

227287	4.3	警告	TYPO3 Association	-	TYPO3 の fe_adminlib.inc におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2718	2012-12-20 18:52	2008-06-16	Show	GitHub Exploit DB Packet Storm

227288	9.3	危険	サン・マイクロシステムズ	-	Sun Java System AM における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2705	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

227289	4.3	警告	web-album	-	WEBalbum の photo_add-c.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2698	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

227290	7.5	危険	phpinv	-	phpInv の entry.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2695	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223831	9.8	CRITICAL Network	datagrid_project	datagrid	The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.	CWE-94 Code Injection	CVE-2019-14281	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223832	5.3	MEDIUM Network	craftcms	craft_cms	In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to…	CWE-200 Information Exposure	CVE-2019-14280	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223833	9.8	CRITICAL Network	axway	securetransport	Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the RES…	CWE-91 Blind XPath Injection	CVE-2019-14277	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223834	5.5	MEDIUM Local	xfig_project debian opensuse	fig2dev debian_linux leap	Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.	CWE-787 Out-of-bounds Write	CVE-2019-14275	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223835	5.5	MEDIUM Local	mcpp_project opensuse	mcpp leap backports_sle	MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c.	CWE-787 Out-of-bounds Write	CVE-2019-14274	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223836	7.1	HIGH Local	comodo	firewall internet_security antivirus	Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escap…	NVD-CWE-noinfo	CVE-2019-14270	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223837	6.5	MEDIUM Network	octopus	octopus_deploy	In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user (in certain limited circumstances) could trigger a deployment that writes the web request …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2019-14268	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223838	8.8	HIGH Network	opensns	opensns	OpenSNS v6.1.0 allows SQL Injection via the index.php?s=/ucenter/Config/ uid parameter because of the getNeedQueryData function in Application/Common/Model/UserModel.class.php.	CWE-89 SQL Injection	CVE-2019-14266	2024-11-21 13:26	2019-07-26	Show	GitHub Exploit DB Packet Storm

223839	7.5	HIGH Network	metadataextractor_project	metadataextractor	MetadataExtractor 2.1.0 allows stack consumption.	CWE-400 Uncontrolled Resource Consumption	CVE-2019-14262	2024-11-21 13:26	2019-07-25	Show	GitHub Exploit DB Packet Storm

223840	5.5	MEDIUM Local	gnu canonical opensuse	binutils ubuntu_linux leap	An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow …	CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound	CVE-2019-14250	2024-11-21 13:26	2019-07-24	Show	GitHub Exploit DB Packet Storm