Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227491 7.5 危険 w1n78 - e107 用の Lyrics プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4906 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227492 5 警告 typosphere - Typo におけるパスワードを推測される脆弱性 CWE-310
暗号の問題 		CVE-2008-4905 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227493 6 警告 typosphere - Typo の "ページを管理する" 機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4904 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227494 4.3 警告 typosphere - Typo のコメントを残す機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4903 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227495 7.5 危険 scripts frenzy - Article Publisher Pro の contact_author.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4902 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227496 7.5 危険 scripts frenzy - Article Publisher Pro の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4901 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227497 9.3 危険 SAP - SAP GUI の KWEdit ActiveX コントロールにおける任意のファイルを上書きされる脆弱性 CWE-Other
その他 		CVE-2008-4830 2012-12-20 18:52 2009-04-16 Show GitHub Exploit DB Packet Storm
227498 7.5 危険 YourFreeWorld.com - YourFreeWorld Classifieds Blaster Script の tr.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4900 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227499 6.8 警告 planetluc - Planetluc RateMe におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-4899 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
227500 4.3 警告 planetluc - planetluc RateMe におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4898 2012-12-20 18:52 2008-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224311 6.6 MEDIUM
Physics 		valvesoftware steam_client In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM acces… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-14743 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224312 8.8 HIGH
Network 		osticket osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically f… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2019-14749 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224313 5.4 MEDIUM
Network 		osticket osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality h… CWE-79
CWE-434
Cross-site Scripting
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-14748 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224314 7.8 HIGH
Local 		kde
debian
fedoraproject
opensuse
canonical
redhat 		kconfig
debian_linux
fedora
backports_sle
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server 		In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling… CWE-78
OS Command  		CVE-2019-14744 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224315 8.8 HIGH
Network 		adplug_project
fedoraproject 		adplug
fedora 		AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp. CWE-787
 Out-of-bounds Write 		CVE-2019-14734 2024-11-21 13:27 2019-08-7 Show GitHub Exploit DB Packet Storm
224316 8.8 HIGH
Network 		adplug_project
fedoraproject 		adplug
fedora 		AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp. CWE-787
 Out-of-bounds Write 		CVE-2019-14733 2024-11-21 13:27 2019-08-7 Show GitHub Exploit DB Packet Storm
224317 8.8 HIGH
Network 		adplug_project
fedoraproject 		adplug
fedora 		AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp. CWE-787
 Out-of-bounds Write 		CVE-2019-14732 2024-11-21 13:27 2019-08-7 Show GitHub Exploit DB Packet Storm
224318 5.4 MEDIUM
Network 		cnezsoft zentao An issue was discovered in ZenTao 11.5.1. There is an XSS (stored) vulnerability that leads to the capture of other people's cookies via the Rich Text Box. CWE-79
Cross-site Scripting 		CVE-2019-14731 2024-11-21 13:27 2019-08-7 Show GitHub Exploit DB Packet Storm
224319 9.8 CRITICAL
Network 		microdigital mdc-n4090_firmware
mdc-n4090w_firmware
mdc-n2190v_firmware 		A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, th… CWE-522
 Insufficiently Protected Credentials 		CVE-2019-14709 2024-11-21 13:27 2019-08-7 Show GitHub Exploit DB Packet Storm
224320 9.8 CRITICAL
Network 		microdigital mdc-n4090_firmware
mdc-n4090w_firmware
mdc-n2190v_firmware 		An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody accoun… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-14708 2024-11-21 13:27 2019-08-7 Show GitHub Exploit DB Packet Storm