Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228161	4.3	警告	rgboard	-	Rgboard の rg_search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2295	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

228162	7.5	危険	tpvgames	-	MPCS の admin.php における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2293	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

228163	7.5	危険	シマンテック	-	Symantec Altiris Deployment Solution の axengine.exe における暗号化されたドメイン資格情報を推測される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-2291	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228164	7.2	危険	シマンテック	-	Symantec Altiris Deployment Solution の Agent ユーザインターフェースにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2290	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228165	7.2	危険	シマンテック	-	Symantec Altiris Deployment Solution の tooltip 要素における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2289	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228166	3.6	注意	シマンテック	-	Symantec Altiris Deployment Solution におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2288	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228167	7.2	危険	シマンテック	-	Symantec Altiris Deployment Solution における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2287	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228168	7.5	危険	シマンテック	-	Symantec Altiris Deployment Solution の axengine.exe における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2286	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228169	5	警告	Canonical	-	Ubuntu Linux 上で稼動する ssh-vulnkey ツールにおける CVE-2008-0166 を悪用される脆弱性	CWE-310 暗号の問題	CVE-2008-2285	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

228170	7.5	危険	thomas voecking	-	Internet Photoshow および Internet Photoshow SE の admin.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2282	2012-12-20 18:52	2008-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224741	7.5	HIGH Network	qualcomm	msm8905_firmware msm8909_firmware msm8917_firmware msm8920_firmware msm8937_firmware msm8940_firmware msm8953_firmware nicobar_firmware qcm2150_firmware qm215_firmware r…	Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP messages in Snapdragon Auto, Snapdragon Compute, Snapdragon…	CWE-476 NULL Pointer Dereference	CVE-2019-14012	2024-11-21 13:25	2020-04-16	Show	GitHub Exploit DB Packet Storm

224742	9.1	CRITICAL Network	qualcomm	apq8009_firmware apq8053_firmware apq8096_firmware apq8096au_firmware apq8098_firmware mdm9150_firmware mdm9205_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware…	Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/ bearer modify context reject in Snapdragon Auto, Snapdragon…	CWE-125 Out-of-bounds Read	CVE-2019-14011	2024-11-21 13:25	2020-04-16	Show	GitHub Exploit DB Packet Storm

224743	7.8	HIGH Local	qualcomm	apq8009_firmware apq8098_firmware mdm9150_firmware mdm9607_firmware mdm9650_firmware msm8905_firmware msm8909_firmware msm8998_firmware sda660_firmware sda845_firmware s…	Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-14009	2024-11-21 13:25	2020-04-16	Show	GitHub Exploit DB Packet Storm

224744	5.5	MEDIUM Local	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8096_firmware apq8096au_firmware apq8098_firmware mdm9150_firmware mdm9205_firmware mdm9206_firmware mdm9607_firmware<…	Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute…	CWE-203 Information Exposure Through Discrepancy	CVE-2019-14007	2024-11-21 13:25	2020-04-16	Show	GitHub Exploit DB Packet Storm

224745	7.8	HIGH Local	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8096au_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware mdm9650_firmware msm8905_firmware msm8909w_firmwar…	Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2019-14001	2024-11-21 13:25	2020-04-16	Show	GitHub Exploit DB Packet Storm

224746	8.8	HIGH Adjacent	cypress	wiced_studio	An issue was discovered in Cypress (formerly Broadcom) WICED Studio 6.2 CYW20735B1 and CYW20819A1. As a Bluetooth Low Energy (BLE) packet is received, it is copied into a Heap (ThreadX Block) buffer.…	CWE-787 Out-of-bounds Write	CVE-2019-13916	2024-11-21 13:25	2020-04-14	Show	GitHub Exploit DB Packet Storm

224747	7.8	HIGH Local	ge	mark_vie_controll_system	GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. A limited application of the affected product may ship without setup an…	CWE-798 Use of Hard-coded Credentials	CVE-2019-13559	2024-11-21 13:25	2020-04-8	Show	GitHub Exploit DB Packet Storm

224748	8.8	HIGH Network	ge	mark_vie_control_system	GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service.	NVD-CWE-Other	CVE-2019-13554	2024-11-21 13:25	2020-04-8	Show	GitHub Exploit DB Packet Storm

224749	5.4	MEDIUM Network	zyxel	xgs2210-52hp_firmware	In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location f…	CWE-79 Cross-site Scripting	CVE-2019-13495	2024-11-21 13:25	2020-04-1	Show	GitHub Exploit DB Packet Storm

224750	7.8	HIGH Local	qualcomm	sm8150_firmware	Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdra…	CWE-125 Out-of-bounds Read	CVE-2019-14048	2024-11-21 13:25	2020-03-5	Show	GitHub Exploit DB Packet Storm