Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228911	7.8	危険	Rhino Software	-	Rhino Software Serv-U File Server の FTP サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-1031	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228912	9.3	危険	poppeeper	-	POP Peeper におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-1029	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228913	7.5	危険	phpComasy	-	phpComasy の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1023	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228914	6.8	警告	phpprobid	-	PHP Pro Bid の includes/class_image.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-0970	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228915	6.8	警告	Moxi9	-	phpFoX の account/settings/account/index.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-0969	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228916	4	警告	Rhino Software	-	Serv-U の FTP サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-0967	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228917	7.5	危険	YABSoft	-	YABSoft Mega File Hosting の cross.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-0966	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228918	5	警告	xlinesoft	-	PHPRunner の UserView_list.php における権限を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-0964	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228919	7.5	危険	xlinesoft	-	PHPRunner における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0963	2012-12-20 19:10	2009-03-19	Show	GitHub Exploit DB Packet Storm

228920	10	危険	The Tor Project	-	Tor における脆弱性	CWE-noinfo 情報不足	CVE-2009-0939	2012-12-20 19:10	2009-03-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
225491	5.4	MEDIUM Network	pandorafms	pandora_fms	PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data …	CWE-79 Cross-site Scripting	CVE-2019-19968	2024-11-21 13:35	2020-02-5	Show	GitHub Exploit DB Packet Storm

225492	8.8	HIGH Network	totolink	a3002ru_firmware a702r_firmware n301rt_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware	On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not a…	CWE-78 OS Command	CVE-2019-19824	2024-11-21 13:35	2020-01-28	Show	GitHub Exploit DB Packet Storm

225493	7.5	HIGH Network	totolink realtek sapido ciktel kctvjeju fg-products hiwifi tbroad coship iodata hcn_max-c300n_project	a3002ru_firmware a702r_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware rtk_11n_ap_firmware gr297n_firmware mesh_router_firmware w…	A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002R…	CWE-522 Insufficiently Protected Credentials	CVE-2019-19823	2024-11-21 13:35	2020-01-28	Show	GitHub Exploit DB Packet Storm

225494	7.5	HIGH Network	totolink realtek sapido ciktel kctvjeju fg-products hiwifi tbroad coship iodata hcn_max-c300n_project	a3002ru_firmware a702r_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware rtk_11n_ap_firmware gr297n_firmware mesh_router_firmware w…	A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwo…	CWE-306 Missing Authentication for Critical Function	CVE-2019-19822	2024-11-21 13:35	2020-01-28	Show	GitHub Exploit DB Packet Storm

225495	9.8	CRITICAL Network	totolink	a3002ru_firmware a702r_firmware n301rt_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware	On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPT…	CWE-287 Improper Authentication	CVE-2019-19825	2024-11-21 13:35	2020-01-28	Show	GitHub Exploit DB Packet Storm

225496	8.8	HIGH Network	bigswitch	big_cloud_fabric big_monitoring_fabric multi-cloud_director	An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 …	CWE-200 Information Exposure	CVE-2019-19631	2024-11-21 13:35	2020-01-25	Show	GitHub Exploit DB Packet Storm

225497	6.1	MEDIUM Network	bigswitch	big_cloud_fabric big_monitoring_fabric multi-cloud_director	An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 …	CWE-79 Cross-site Scripting	CVE-2019-19632	2024-11-21 13:35	2020-01-25	Show	GitHub Exploit DB Packet Storm

225498	7.5	HIGH Network	ixpdata	easyinstall	In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely.	CWE-319 CWE-522 Cleartext Transmission of Sensitive Information Insufficiently Protected Credentials	CVE-2019-19898	2024-11-21 13:35	2020-01-24	Show	GitHub Exploit DB Packet Storm

225499	9.8	CRITICAL Network	ixpdata	easyinstall	In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT …	CWE-78 OS Command	CVE-2019-19897	2024-11-21 13:35	2020-01-24	Show	GitHub Exploit DB Packet Storm

225500	9.9	CRITICAL Network	ixpdata	easyinstall	In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share. The default file permissions of the IXP$ share on the server allows modification of dire…	CWE-276 Incorrect Default Permissions	CVE-2019-19896	2024-11-21 13:35	2020-01-24	Show	GitHub Exploit DB Packet Storm