Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228701 4.3 警告 シマンテック - Symantec Altiris Deployment Solution における権限を取得される脆弱性 CWE-310
暗号の問題 		CVE-2008-6828 2012-12-20 19:10 2008-10-20 Show GitHub Exploit DB Packet Storm
228702 6.8 警告 シマンテック - Symantec Altiris Deployment Solution の ListView コントロールにおけるシステム権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6827 2012-12-20 19:10 2008-10-20 Show GitHub Exploit DB Packet Storm
228703 7.5 危険 surat kabar - phpWebNews の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6813 2012-12-20 19:10 2009-05-22 Show GitHub Exploit DB Packet Storm
228704 7.5 危険 surat kabar - phpWebNews の bukutamu.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6812 2012-12-20 19:10 2009-05-22 Show GitHub Exploit DB Packet Storm
228705 7.5 危険 scripts-for-sites - SFS EZ Link Directory の links.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6808 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
228706 7.5 危険 yigit aybuga - Yigit Aybuga Dizi Portali の diziler.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6803 2012-12-20 19:10 2009-05-11 Show GitHub Exploit DB Packet Storm
228707 7.5 危険 phpexplorer - phPhotoGallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6802 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
228708 4.4 警告 vivvo - Vivvo CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6801 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
228709 7.5 危険 tufat - FlashChat の connection.php におけるロールフィルタメカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6799 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
228710 7.5 危険 PreProject.com - Pre Projects Pre Real Estate Listings の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6798 2012-12-20 19:10 2009-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
225431 5.4 MEDIUM
Network 		zulip zulip_server Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting atta… CWE-79
Cross-site Scripting 		CVE-2019-16216 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225432 6.5 MEDIUM
Network 		zulip zulip_server The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server… CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2019-16215 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225433 7.8 HIGH
Local 		gnucobol_project gnucobol GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code. CWE-416
 Use After Free 		CVE-2019-16396 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225434 7.8 HIGH
Local 		gnucobol_project gnucobol GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code. CWE-787
 Out-of-bounds Write 		CVE-2019-16395 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225435 5.3 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscr… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-16394 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225436 6.1 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. CWE-601
Open Redirect 		CVE-2019-16393 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225437 6.1 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. CWE-79
Cross-site Scripting 		CVE-2019-16392 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225438 6.5 MEDIUM
Network 		spip
debian
canonical 		spip
debian_linux
ubuntu_linux 		SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrir… NVD-CWE-noinfo
CVE-2019-16391 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225439 9.8 CRITICAL
Network 		eq-3 homematic_ccu2_firmware
homematic_ccu3_firmware 		eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related t… CWE-306
Missing Authentication for Critical Function 		CVE-2019-16199 2024-11-21 13:30 2019-09-18 Show GitHub Exploit DB Packet Storm
225440 9.8 CRITICAL
Network 		trusteddomain
debian
fedoraproject
canonical 		opendmarc
debian_linux
fedora
ubuntu_linux 		OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be rel… CWE-290
 Authentication Bypass by Spoofing 		CVE-2019-16378 2024-11-21 13:30 2019-09-17 Show GitHub Exploit DB Packet Storm