Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228131 7.1 危険 シマンテック - Symantec Scan Engine を含む特定の Symantec アンチウイルス製品で使用される Symantec Decomposer におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-0308 2012-12-20 18:34 2008-02-26 Show GitHub Exploit DB Packet Storm
228132 9.3 危険 SAP - SAP MaxDB の vserver における整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2008-0307 2012-12-20 18:34 2008-03-11 Show GitHub Exploit DB Packet Storm
228133 6.9 警告 SAP - SAP MaxDB の sdbstarter における任意のコマンドを実行される脆弱性 CWE-DesignError
CVE-2008-0306 2012-12-20 18:34 2008-03-11 Show GitHub Exploit DB Packet Storm
228134 4.3 警告 Python Software Foundation - Paramiko の common.py における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2008-0299 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
228135 10 危険 VideoLAN - Windows 上で稼動する VideoLAN VLC Media Player の libaccess_realrtsp プラグインにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0296 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
228136 8.5 危険 VideoLAN - VideoLAN VLC Media Player で使用される Xine ライブラリにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0295 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
228137 6.8 警告 visionburst - VisionBurst vcart における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0287 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
228138 4.3 警告 Simple Machines - SMF におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0284 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
228139 7.5 危険 xforum - Xforum の liretopic.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0279 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
228140 6 警告 X7 Group - X7 Chat の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0278 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222131 5.3 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscr… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-16394 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
222132 6.1 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. CWE-601
Open Redirect 		CVE-2019-16393 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
222133 6.1 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. CWE-79
Cross-site Scripting 		CVE-2019-16392 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
222134 6.5 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrir… NVD-CWE-noinfo
CVE-2019-16391 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
222135 9.8 CRITICAL
Network 		eq-3 homematic_ccu2_firmware
homematic_ccu3_firmware 		eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related t… CWE-306
Missing Authentication for Critical Function 		CVE-2019-16199 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
222136 9.8 CRITICAL
Network 		trusteddomain
debian
fedoraproject
canonical 		opendmarc
debian_linux
fedora
ubuntu_linux 		OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be rel… CWE-290
 Authentication Bypass by Spoofing 		CVE-2019-16378 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
222137 9.8 CRITICAL
Network 		infradead
fedoraproject
debian
canonical
opensuse 		openconnect
fedora
debian_linux
ubuntu_linux
leap 		process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. CWE-120
Classic Buffer Overflow 		CVE-2019-16239 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
222138 8.2 HIGH
Network 		logmein lastpass LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be … CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2019-16371 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
222139 5.9 MEDIUM
Network 		gradle gradle The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related … CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2019-16370 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm
222140 9.8 CRITICAL
Network 		moddable xs
moddable 		In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst. CWE-787
 Out-of-bounds Write 		CVE-2019-16366 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm