Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227391	7.5	危険	phpexplorer	-	phPhotoGallery の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6802	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

227392	4.4	警告	vivvo	-	Vivvo CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-6801	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

227393	7.5	危険	tufat	-	FlashChat の connection.php におけるロールフィルタメカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6799	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

227394	7.5	危険	PreProject.com	-	Pre Projects Pre Real Estate Listings の login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6798	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

227395	7.5	危険	PreProject.com	-	Pre Projects Pre Real Estate Listings の manager/login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6796	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

227396	7.5	危険	sfs ez pub	-	SFS EZ Pub Site の directory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6794	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

227397	7.5	危険	scripts-for-sites	-	SFS EZ Adult Directory の directory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6784	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

227398	7.5	危険	scripts-for-sites	-	SFS EZ Home Business Directory の directory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6783	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

227399	7.5	危険	scripts-for-sites	-	SFS EZ Hosting Directory の directory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6782	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

227400	7.5	危険	scripts-for-sites	-	SFS Gaming Directory の directory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6781	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221961	7.8	HIGH Local	lenovo	ideacentre_510-15ikl_firmware ideacentre_510s-08ikl_firmware ideacentre_300s-11ish_firmware ideacentre_310-15asr_firmware ideacentre_310-15iap_firmware ideacentre_310a-15iap_firmware	Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo p…	CWE-428 Unquoted Search Path or Element	CVE-2019-19705	2024-11-21 13:35	2022-12-27	Show	GitHub Exploit DB Packet Storm

221962	10.0	CRITICAL Network	eleveo	call_recording	Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending craf…	CWE-502 Deserialization of Untrusted Data	CVE-2019-19810	2024-11-21 13:35	2021-10-28	Show	GitHub Exploit DB Packet Storm

221963	7.5	HIGH Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to historical data from AprolSqlServer by bypassing authentication, a different vulnerability …	NVD-CWE-noinfo	CVE-2019-19878	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221964	5.3	MEDIUM Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to sensitive information outside the working directory via Directory Traversal attacks against…	CWE-22 Path Traversal	CVE-2019-19877	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221965	9.8	CRITICAL Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An EnMon PHP script was vulnerable to SQL injection, a different vulnerability than CVE-2019-10006.	CWE-89 SQL Injection	CVE-2019-19876	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221966	9.8	CRITICAL Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands could be injected (using Python scripts) via the AprolCluster script that is invoked via sudo and thus…	CWE-77 Command Injection	CVE-2019-19875	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221967	9.8	CRITICAL Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Some web scripts in the web interface allowed injection and execution of arbitrary unintended commands on the web server,…	CWE-77 Command Injection	CVE-2019-19874	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221968	7.5	HIGH Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get information from the AprolSqlServer DBMS by bypassing authentication, a different vulnerability than …	NVD-CWE-noinfo	CVE-2019-19873	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221969	9.8	CRITICAL Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. The AprolLoader could be used to inject and execute arbitrary unintended commands via an unspecified attack scenario, a d…	CWE-77 Command Injection	CVE-2019-19872	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm

221970	7.5	HIGH Network	br-automation	industrial_automation_aprol	An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. PVs could be changed (unencrypted) by using the IosHttp service and the JSON interface.	NVD-CWE-noinfo	CVE-2019-19869	2024-11-21 13:35	2020-11-28	Show	GitHub Exploit DB Packet Storm