Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227991 10 危険 Matthias Wandel - Matthias Wandel jhead の jhead.c における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4641 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
227992 3.6 注意 Matthias Wandel - Matthias Wandel jhead の jhead.c における任意のファイルを削除される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4640 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
227993 4.6 警告 Matthias Wandel - Matthias Wandel jhead の jhead.c における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4639 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
227994 7.5 危険 rgallery - WBB 用の rGallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4627 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
227995 6.8 警告 zirkon box - Fritz Berger yappa-ng の yappa-ng におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4626 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
227996 7.5 危険 shiftthis - WordPress 用の ShiftThis Newsletter プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4625 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
227997 5 警告 Wireshark - Wireshark の Bluetooth ACL 解析子におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-4683 2012-12-20 18:52 2007-04-4 Show GitHub Exploit DB Packet Storm
227998 7.5 危険 phpfastnews - phpFastNews の fastnews-code.php における認証を迂回される脆弱性 CWE-287
不適切な認証 		CVE-2008-4622 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
227999 7.5 危険 ZeeScripts.com - ZeeScripts Zeeproperty の bannerclick.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4621 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
228000 10 危険 サン・マイクロシステムズ - Sun Solaris の RPC サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-4619 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224871 6.1 MEDIUM
Network 		backdropcms backdrop Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't sufficiently filter output when displaying certain block labels created by administrators. An attacker could potentially craft a spe… CWE-79
Cross-site Scripting 		CVE-2019-14769 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224872 5.5 MEDIUM
Local 		linux
canonical 		linux_kernel
ubuntu_linux 		In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. CWE-667
 Improper Locking 		CVE-2019-14763 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224873 6.1 MEDIUM
Network 		osticket osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastna… CWE-79
Cross-site Scripting 		CVE-2019-14750 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224874 9.8 CRITICAL
Network 		backdropcms backdrop_cms Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded … CWE-20
 Improper Input Validation  		CVE-2019-14771 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224875 6.1 MEDIUM
Network 		diaowen dwsurvey DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter. CWE-79
Cross-site Scripting 		CVE-2019-14747 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224876 9.8 CRITICAL
Network 		kuaifan kuaifancms A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. CWE-94
Code Injection 		CVE-2019-14746 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224877 7.8 HIGH
Local 		radare
fedoraproject 		radare2
fedora 		In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the … CWE-77
Command Injection 		CVE-2019-14745 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224878 6.6 MEDIUM
Physics 		valvesoftware steam_client In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM acces… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-14743 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224879 8.8 HIGH
Network 		osticket osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically f… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2019-14749 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm
224880 5.4 MEDIUM
Network 		osticket osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality h… CWE-79
CWE-434
Cross-site Scripting
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-14748 2024-11-21 13:27 2019-08-8 Show GitHub Exploit DB Packet Storm