Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228581 7.2 危険 sam lantinga - splitvt の misc.c における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0162 2012-12-20 18:34 2008-02-21 Show GitHub Exploit DB Packet Storm
228582 5 警告 shop-script - Shop-Script の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0158 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228583 5 警告 pragma systems - Pragma TelnetServer の telnetd.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-0153 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228584 4.3 警告 seattle lab software - SLnet.exe の SeattleLab SLNet RF Telnet Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0152 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228585 5 警告 tutos - TUTOS におけるシステム情報を読み取られる脆弱性 CWE-DesignError
CVE-2008-0149 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228586 10 危険 tutos - TUTOS における任意のシェルコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0148 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228587 6.8 警告 smallnuke - SmallNuke の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0147 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228588 7.5 危険 phprisk - NetRisk の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0144 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228589 7.5 危険 spacial audio solutions - samPHPweb の common/db.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0143 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228590 9.3 危険 ZyXEL - ZyXEL P-330W ルータの Web 管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-6730 2012-12-20 18:34 2009-09-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221941 5.3 MEDIUM
Network 		apache rocketmq In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a to… CWE-22
Path Traversal 		CVE-2019-17572 2024-11-21 13:32 2020-05-15 Show GitHub Exploit DB Packet Storm
221942 9.8 CRITICAL
Network 		apache cloudstack A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-17562 2024-11-21 13:32 2020-05-15 Show GitHub Exploit DB Packet Storm
221943 5.4 MEDIUM
Network 		apache syncope It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this mean, a user accessing the Enduser UI could execute javascript code… CWE-79
Cross-site Scripting 		CVE-2019-17557 2024-11-21 13:32 2020-05-4 Show GitHub Exploit DB Packet Storm
221944 5.4 MEDIUM
Network 		eleveo call_recording ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the (1) User Edit or (2) User Add form, (3) name field in the Role … CWE-79
Cross-site Scripting 		CVE-2019-18223 2024-11-21 13:32 2020-04-27 Show GitHub Exploit DB Packet Storm
221945 8.8 HIGH
Network 		dlink dir-615_firmware The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2019-17525 2024-11-21 13:32 2020-04-22 Show GitHub Exploit DB Packet Storm
221946 7.5 HIGH
Network 		fortinet fortiap-w2
fortiap-s
fortiswitch
fortianalyzer
fortimanager 		An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-17657 2024-11-21 13:32 2020-04-8 Show GitHub Exploit DB Packet Storm
221947 9.8 CRITICAL
Network 		apache dubbo Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance o… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-17564 2024-11-21 13:32 2020-04-2 Show GitHub Exploit DB Packet Storm
221948 7.5 HIGH
Network 		apache
oracle 		netbeans
graalvm 		The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and includin… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2019-17561 2024-11-21 13:32 2020-03-31 Show GitHub Exploit DB Packet Storm
221949 9.1 CRITICAL
Network 		apache
oracle 		netbeans
graalvm 		The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the downlo… CWE-295
Improper Certificate Validation  		CVE-2019-17560 2024-11-21 13:32 2020-03-31 Show GitHub Exploit DB Packet Storm
221950 5.4 MEDIUM
Network 		netapp oncommand_system_manager OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated attacker to inject arbitrary scr… CWE-79
Cross-site Scripting 		CVE-2019-17276 2024-11-21 13:32 2020-03-25 Show GitHub Exploit DB Packet Storm