Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228101 6.8 警告 poweraward - PowerAward におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5204 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228102 4.3 警告 poweraward - PowerAward の external_vote.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5203 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228103 7.5 危険 phpoutsourcing - PHPOutsourcing IdeaBox の include.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5199 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228104 7.5 危険 vizzed - Acmlmboard の memberlist.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5198 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228105 7.5 危険 PHP-Fusion - PHP-Fusion の classifieds.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5197 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228106 7.5 危険 PHP-Fusion - PHP-Fusion 用の Kroax モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5196 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228107 7.5 危険 sebrac - SebracCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5195 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228108 7.5 危険 softvisions software - SoftVisions Software obm の checkavail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5194 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228109 7.5 危険 seportal - SePortal における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5191 2012-12-20 18:52 2008-11-21 Show GitHub Exploit DB Packet Storm
228110 5 警告 Ruby on Rails project - Ruby on Rails における CRLF インジェクションの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-5189 2012-12-20 18:52 2008-10-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
225071 8.8 HIGH
Network 		dlink dir-823g_firmware An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWa… CWE-78
OS Command  		CVE-2019-15526 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225072 8.1 HIGH
Network 		pw3270_project pw3270 There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1. CWE-295
Improper Certificate Validation  		CVE-2019-15525 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225073 5.3 MEDIUM
Network 		comelz quark comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory. CWE-22
Path Traversal 		CVE-2019-15520 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225074 9.8 CRITICAL
Network 		power-response_project power-response Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin. CWE-22
Path Traversal 		CVE-2019-15519 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225075 5.3 MEDIUM
Network 		swoole swoole Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler. CWE-22
Path Traversal 		CVE-2019-15518 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225076 5.5 MEDIUM
Local 		jc21 nginx_proxy_manager jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal. CWE-22
Path Traversal 		CVE-2019-15517 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225077 7.5 HIGH
Network 		cuberite cuberite Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring. CWE-22
Path Traversal 		CVE-2019-15516 2024-11-21 13:28 2019-08-24 Show GitHub Exploit DB Packet Storm
225078 5.3 MEDIUM
Network 		telegram telegram The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Grou… NVD-CWE-noinfo
CVE-2019-15514 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
225079 9.8 CRITICAL
Network 		it-novum openitcockpit openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2019-15494 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
225080 7.5 HIGH
Network 		it-novum openitcockpit openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21. NVD-CWE-noinfo
CVE-2019-15493 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm