Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228821 7.5 危険 rfaah - Cars & Vehicle の page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4172 2012-12-20 18:52 2008-09-22 Show GitHub Exploit DB Packet Storm
228822 4.3 警告 pro2col - Pro2col Stingray FTS の verify_login.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4168 2012-12-20 18:52 2008-09-22 Show GitHub Exploit DB Packet Storm
228823 7.5 危険 zanfi solutions - Zanfi CMS lite および Jaw Portal の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4159 2012-12-20 18:52 2008-09-22 Show GitHub Exploit DB Packet Storm
228824 6.8 警告 zanfi solutions - Zanfi CMS lite の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4158 2012-12-20 18:52 2008-09-22 Show GitHub Exploit DB Packet Storm
228825 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech phpVID の groups.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4157 2012-12-20 18:52 2008-09-22 Show GitHub Exploit DB Packet Storm
228826 7.5 危険 razorecommerce - RazorCommerce Shopping Cart の category_search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4143 2012-12-20 18:52 2008-09-24 Show GitHub Exploit DB Packet Storm
228827 7.5 危険 x10media - x10Media x10 Automatic MP3 Script における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4141 2012-12-20 18:52 2008-09-24 Show GitHub Exploit DB Packet Storm
228828 10 危険 technote - Technote の skin_shop/standard/3_plugin_twindow/twindow_notice.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4138 2012-12-20 18:52 2008-09-24 Show GitHub Exploit DB Packet Storm
228829 7.8 危険 s60 - Nokia E90 Communicator および Nseries N82 上で稼動している Symbian OS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-4135 2012-12-20 18:52 2008-09-19 Show GitHub Exploit DB Packet Storm
228830 7.5 危険 phprealty - phpRealty の manager/static/view.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4134 2012-12-20 18:52 2008-09-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
225001 5.3 MEDIUM
Network 		gitlab gitlab An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-15582 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
225002 5.3 MEDIUM
Network 		gitlab gitlab An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group vi… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-15581 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
225003 5.3 MEDIUM
Network 		gitlab gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project … NVD-CWE-noinfo
CVE-2019-15579 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
225004 5.3 MEDIUM
Network 		gitlab gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). The path of a private project, that used to be public, would be di… CWE-200
Information Exposure 		CVE-2019-15578 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
225005 9.1 CRITICAL
Network 		cisco smart_software_manager_on-prem A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can pre… CWE-20
 Improper Input Validation  		CVE-2019-16029 2024-11-21 13:29 2020-01-26 Show GitHub Exploit DB Packet Storm
225006 6.5 MEDIUM
Network 		cisco ios_xr A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated,… CWE-20
 Improper Input Validation  		CVE-2019-16027 2024-11-21 13:29 2020-01-26 Show GitHub Exploit DB Packet Storm
225007 5.9 MEDIUM
Network 		cisco staros A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of… CWE-20
 Improper Input Validation  		CVE-2019-16026 2024-11-21 13:29 2020-01-26 Show GitHub Exploit DB Packet Storm
225008 6.1 MEDIUM
Network 		cisco crosswork_change_automation
crosswork_network_automation 		A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… CWE-79
Cross-site Scripting 		CVE-2019-16024 2024-11-21 13:29 2020-01-26 Show GitHub Exploit DB Packet Storm
225009 8.6 HIGH
Network 		cisco ios_xr Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a d… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-16022 2024-11-21 13:29 2020-01-26 Show GitHub Exploit DB Packet Storm
225010 8.6 HIGH
Network 		cisco ios_xr Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a d… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-16020 2024-11-21 13:29 2020-01-26 Show GitHub Exploit DB Packet Storm