Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228881	4.3	警告	XOOPS	-	XOOPS の pmlite.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6885	2012-12-20 19:10	2008-12-7	Show	GitHub Exploit DB Packet Storm

228882	6.8	警告	XOOPS	-	XOOPS におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6884	2012-12-20 19:10	2008-12-7	Show	GitHub Exploit DB Packet Storm

228883	4.3	警告	シマンテック	-	Symantec Altiris Deployment Solution における権限を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-6828	2012-12-20 19:10	2008-10-20	Show	GitHub Exploit DB Packet Storm

228884	6.8	警告	シマンテック	-	Symantec Altiris Deployment Solution の ListView コントロールにおけるシステム権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6827	2012-12-20 19:10	2008-10-20	Show	GitHub Exploit DB Packet Storm

228885	7.5	危険	surat kabar	-	phpWebNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6813	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

228886	7.5	危険	surat kabar	-	phpWebNews の bukutamu.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6812	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

228887	7.5	危険	scripts-for-sites	-	SFS EZ Link Directory の links.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6808	2012-12-20 19:10	2009-05-12	Show	GitHub Exploit DB Packet Storm

228888	7.5	危険	yigit aybuga	-	Yigit Aybuga Dizi Portali の diziler.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6803	2012-12-20 19:10	2009-05-11	Show	GitHub Exploit DB Packet Storm

228889	7.5	危険	phpexplorer	-	phPhotoGallery の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6802	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

228890	4.4	警告	vivvo	-	Vivvo CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-6801	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221061	3.7	LOW Network	haxx	curl	An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.	CWE-190 Integer Overflow or Wraparound	CVE-2019-5435	2024-11-21 13:44	2019-05-29	Show	GitHub Exploit DB Packet Storm

221062	5.3	MEDIUM Network	harpjs	harp	Path traversal using symlink in npm harp module versions <= 0.29.0.	CWE-59 Link Following	CVE-2019-5438	2024-11-21 13:44	2019-05-11	Show	GitHub Exploit DB Packet Storm

221063	5.3	MEDIUM Network	harpjs	harp	Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and…	CWE-200 Information Exposure	CVE-2019-5437	2024-11-21 13:44	2019-05-11	Show	GitHub Exploit DB Packet Storm

221064	8.1	HIGH Network	sqlite canonical	sqlite ubuntu_linux	An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially result…	CWE-416 Use After Free	CVE-2019-5018	2024-11-21 13:44	2019-05-11	Show	GitHub Exploit DB Packet Storm

221065	9.8	CRITICAL Network	gliderlabs opensuse f5	docker-alpine leap big-ip_controller	Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 201…	NVD-CWE-Other	CVE-2019-5021	2024-11-21 13:44	2019-05-9	Show	GitHub Exploit DB Packet Storm

221066	6.5	MEDIUM Adjacent	wincofireworks	fw-1007_firmware	An exploitable improper access control vulnerability exists in the bluetooth low energy functionality of Winco Fireworks FireFly FW-1007 V2.0. An attacker can connect to the device to trigger this vu…	CWE-306 Missing Authentication for Critical Function	CVE-2019-5014	2024-11-21 13:44	2019-05-9	Show	GitHub Exploit DB Packet Storm

221067	5.4	MEDIUM Network	revive-adserver	revive_adserver	A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) …	CWE-601 Open Redirect	CVE-2019-5433	2024-11-21 13:44	2019-05-7	Show	GitHub Exploit DB Packet Storm

221068	7.5	HIGH Network	mqtt-packet_project	mqtt-packet	A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding.	CWE-125 Out-of-bounds Read	CVE-2019-5432	2024-11-21 13:44	2019-05-7	Show	GitHub Exploit DB Packet Storm

221069	8.8	HIGH Network	ui	unifi_video	In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker t…	CWE-352 Origin Validation Error	CVE-2019-5430	2024-11-21 13:44	2019-05-7	Show	GitHub Exploit DB Packet Storm

221070	9.8	CRITICAL Network	revive-sas	revive_adserver	An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability c…	CWE-502 Deserialization of Untrusted Data	CVE-2019-5434	2024-11-21 13:44	2019-05-7	Show	GitHub Exploit DB Packet Storm