Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228431 6.8 警告 sitebuilder - SiteBuilder Elite における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1123 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
228432 9.3 危険 rising antivirus international - Rising Antivirus Online Scanner の Web Scan Object ActiveX コントロール における任意のコードを強制的にダウンロードされる脆弱性 CWE-DesignError
CVE-2008-1116 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
228433 7.8 危険 Vocera - Cisco Unified Wireless IP Phone 7921 におけるハッシュされたパスワードを盗まれる脆弱性 CWE-200
情報漏えい 		CVE-2008-1113 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
228434 6.8 警告 Xine - xine-lib の xineplug_dmx_asf.so プラグイン におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1110 2012-12-20 18:34 2008-02-29 Show GitHub Exploit DB Packet Storm
228435 6.8 警告 quantum game library - Quantum Game Library における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1069 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
228436 6.8 警告 portail web php - Portail Web Php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1068 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
228437 6.8 警告 phpqladmin - phpQLAdmin における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1067 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
228438 7.5 危険 Smarty - S9Y などの製品で使用される Smarty における任意の PHP 関数を呼び出される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1066 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
228439 4.3 警告 WordPress.org - WordPress 用の Sniplets プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1061 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
228440 7.5 危険 WordPress.org - WordPress 用の Sniplets プラグインにおける任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1060 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221761 7.0 HIGH
Local 		redhat openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An att… CWE-269
 Improper Privilege Management 		CVE-2019-19346 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221762 7.5 HIGH
Network 		hitachienergy esoms ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connectio… CWE-326
Inadequate Encryption Strength 		CVE-2019-19097 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221763 6.1 MEDIUM
Local 		hitachienergy esoms The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' co… CWE-522
 Insufficiently Protected Credentials 		CVE-2019-19096 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221764 5.4 MEDIUM
Network 		hitachienergy esoms Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to attack such as stored cross-site scripting by storing malicious content in the database. CWE-79
Cross-site Scripting 		CVE-2019-19095 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221765 7.6 HIGH
Network 		hitachienergy esoms Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database. CWE-89
SQL Injection 		CVE-2019-19094 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221766 6.5 MEDIUM
Network 		hitachienergy esoms eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords. CWE-521
Weak Password Requirements  		CVE-2019-19093 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221767 3.5 LOW
Network 		hitachienergy esoms ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed. CWE-306
Missing Authentication for Critical Function 		CVE-2019-19092 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221768 4.3 MEDIUM
Network 		hitachienergy esoms For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack. CWE-200
Information Exposure 		CVE-2019-19091 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221769 3.5 LOW
Network 		hitachienergy esoms For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping. CWE-311
Missing Encryption of Sensitive Data 		CVE-2019-19090 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm
221770 6.1 MEDIUM
Network 		hitachienergy esoms For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type… CWE-94
CWE-436
Code Injection
 Interpretation Conflict 		CVE-2019-19089 2024-11-21 13:34 2020-04-3 Show GitHub Exploit DB Packet Storm