Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228171	7.5	危険	WordPress.org	-	WordPress の wp-db-backup.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0194	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228172	4.3	警告	WordPress.org	-	WordPress の wp-db-backup.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0193	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228173	4.3	警告	WordPress.org	-	WordPress におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0192	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228174	5	警告	WordPress.org	-	WordPress における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0191	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228175	7.5	危険	spacial audio solutions	-	SAM Broadcaster samPHPweb の songinfo.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0187	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228176	4.3	警告	phprisk	-	NetRisk の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0186	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228177	6.4	警告	prenotazioni on line	-	Line System 上で稼動している Sys-Hotel における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0184	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

228178	4.3	警告	Plone Foundation	-	Plone CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-0164	2012-12-20 18:34	2008-03-14	Show	GitHub Exploit DB Packet Storm

228179	7.2	危険	sam lantinga	-	splitvt の misc.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0162	2012-12-20 18:34	2008-02-21	Show	GitHub Exploit DB Packet Storm

228180	5	警告	shop-script	-	Shop-Script の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0158	2012-12-20 18:34	2008-01-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221931	6.5	MEDIUM Network	axiosys	bento4	Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt …	CWE-476 NULL Pointer Dereference	CVE-2019-17453	2024-11-21 13:32	2019-10-11	Show	GitHub Exploit DB Packet Storm

221932	6.5	MEDIUM Network	axiosys	bento4	Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dum…	CWE-476 NULL Pointer Dereference	CVE-2019-17452	2024-11-21 13:32	2019-10-11	Show	GitHub Exploit DB Packet Storm

221933	6.5	MEDIUM Network	gnu opensuse canonical	binutils leap ubuntu_linux	An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in …	CWE-190 Integer Overflow or Wraparound	CVE-2019-17451	2024-11-21 13:32	2019-10-11	Show	GitHub Exploit DB Packet Storm

221934	6.5	MEDIUM Network	gnu opensuse canonical	binutils leap ubuntu_linux	find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recurs…	CWE-674 Uncontrolled Recursion	CVE-2019-17450	2024-11-21 13:32	2019-10-11	Show	GitHub Exploit DB Packet Storm

221935	6.7	MEDIUM Local	avira	software_updater	Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privi…	CWE-426 Untrusted Search Path	CVE-2019-17449	2024-11-21 13:32	2019-10-11	Show	GitHub Exploit DB Packet Storm

221936	9.8	CRITICAL Network	netsarang	xftp	NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads …	CWE-120 Classic Buffer Overflow	CVE-2019-17320	2024-11-21 13:32	2019-10-11	Show	GitHub Exploit DB Packet Storm

221937	5.4	MEDIUM Network	lavalite	lavalite	LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen.	CWE-79 Cross-site Scripting	CVE-2019-17434	2024-11-21 13:32	2019-10-10	Show	GitHub Exploit DB Packet Storm

221938	4.8	MEDIUM Network	laravel-admin	laravel-admin	z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen.	CWE-79 Cross-site Scripting	CVE-2019-17433	2024-11-21 13:32	2019-10-10	Show	GitHub Exploit DB Packet Storm

221939	6.5	MEDIUM Network	fastadmin	fastadmin	An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the row[name] parameter.	CWE-352 CWE-79 Origin Validation Error Cross-site Scripting	CVE-2019-17432	2024-11-21 13:32	2019-10-10	Show	GitHub Exploit DB Packet Storm

221940	8.8	HIGH Network	fastadmin	fastadmin	An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability.	CWE-352 Origin Validation Error	CVE-2019-17431	2024-11-21 13:32	2019-10-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed