Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228671	9.3	危険	SaschArt	-	SaschArt SasCam Webcam Server 用の ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-6898	2012-12-20 19:10	2009-08-5	Show	GitHub Exploit DB Packet Storm

228672	4.3	警告	PreProject.com	-	Pre Classified Listings の signup.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6888	2012-12-20 19:10	2009-08-3	Show	GitHub Exploit DB Packet Storm

228673	7.5	危険	PreProject.com	-	Pre Classified Listings の detailad.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6887	2012-12-20 19:10	2009-08-3	Show	GitHub Exploit DB Packet Storm

228674	5	警告	RSAセキュリティ	-	RSA EnVision における管理者のパスワードハッシュを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6886	2012-12-20 19:10	2009-08-3	Show	GitHub Exploit DB Packet Storm

228675	7.5	危険	scripts-for-sites	-	SFS EZ Career の content.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6867	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

228676	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Current_Issue モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6866	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

228677	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Sectionsnew モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6865	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

228678	7.5	危険	xigla	-	Xigla Software Absolute Live Support .NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6864	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

228679	7.5	危険	xigla	-	Xigla Software Absolute Form Processor .NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6863	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

228680	7.5	危険	xigla	-	Absolute Content Rotator における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6862	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
225481	6.5	MEDIUM Adjacent	w1.fi debian canonical	hostapd wpa_supplicant debian_linux ubuntu_linux	hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service th…	CWE-346 Origin Validation Error	CVE-2019-16275	2024-11-21 13:30	2019-09-13	Show	GitHub Exploit DB Packet Storm

225482	6.1	MEDIUM Network	afterlogic	aurora	Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login.	CWE-79 Cross-site Scripting	CVE-2019-16238	2024-11-21 13:30	2019-09-13	Show	GitHub Exploit DB Packet Storm

225483	9.1	CRITICAL Network	tripplite	pdumh15at_firmware	Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NO…	CWE-287 Improper Authentication	CVE-2019-16261	2024-11-21 13:30	2019-09-13	Show	GitHub Exploit DB Packet Storm

225484	9.8	CRITICAL Network	motorola	motorola_firmware	Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or ex…	NVD-CWE-noinfo	CVE-2019-16257	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

225485	9.8	CRITICAL Network	samsung	samsung_firmware	Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or exe…	NVD-CWE-noinfo	CVE-2019-16256	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

225486	7.5	HIGH Network	oceanwp	ocean_extra	includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.	CWE-287 Improper Authentication	CVE-2019-16250	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

225487	5.3	MEDIUM Network	opencv	opencv	OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.	CWE-125 Out-of-bounds Read	CVE-2019-16249	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

225488	5.5	MEDIUM Local	telegram	telegram	The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that…	NVD-CWE-noinfo	CVE-2019-16248	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

225489	7.8	HIGH Local	deltaww	dcisoft	Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommLib::SetSerializeData+0x000000000000001b.	NVD-CWE-noinfo	CVE-2019-16247	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

225490	7.5	HIGH Network	dino canonical fedoraproject debian	dino ubuntu_linux fedora debian_linux	Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.	CWE-346 Origin Validation Error	CVE-2019-16237	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm