Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229221	7.5	危険	WordPress.org	-	WordPress 用の Wp-FileManager プラグインにおける任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-0222	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

229222	6.4	警告	uebimiau	-	Uebimiau Webmail における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-0210	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229223	5.8	警告	snitz forums 2000	-	Snitz Forums 2000 の Forums/login.asp におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-0209	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229224	4.3	警告	snitz forums 2000	-	Snitz Forums 2000 の login.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0208	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229225	4.3	警告	pro search	-	PRO-Search におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0207	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229226	4.3	警告	WordPress.org	-	WordPress 用の Captcha! プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0206	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229227	4.3	警告	WordPress.org	-	WordPress 用の Math Comment Spam Protection プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0205	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229228	4.3	警告	WordPress.org	-	WordPress 用の Math Comment Spam Protection プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0204	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229229	4.3	警告	WordPress.org	-	WordPress 用の Cryptographp プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0203	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

229230	5	警告	pro search	-	PRO-Search におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-0199	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224271	9.8	CRITICAL Network	motorola	motorola_firmware	Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or ex…	NVD-CWE-noinfo	CVE-2019-16257	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224272	9.8	CRITICAL Network	samsung	samsung_firmware	Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or exe…	NVD-CWE-noinfo	CVE-2019-16256	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224273	7.5	HIGH Network	oceanwp	ocean_extra	includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.	CWE-287 Improper Authentication	CVE-2019-16250	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224274	5.3	MEDIUM Network	opencv	opencv	OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.	CWE-125 Out-of-bounds Read	CVE-2019-16249	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224275	5.5	MEDIUM Local	telegram	telegram	The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that…	NVD-CWE-noinfo	CVE-2019-16248	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224276	7.8	HIGH Local	deltaww	dcisoft	Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommLib::SetSerializeData+0x000000000000001b.	NVD-CWE-noinfo	CVE-2019-16247	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224277	7.5	HIGH Network	dino canonical fedoraproject debian	dino ubuntu_linux fedora debian_linux	Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.	CWE-346 Origin Validation Error	CVE-2019-16237	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224278	7.5	HIGH Network	dino canonical fedoraproject debian	dino ubuntu_linux fedora debian_linux	Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.	CWE-862 Missing Authorization	CVE-2019-16236	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224279	7.5	HIGH Network	dino canonical fedoraproject debian	dino ubuntu_linux fedora debian_linux	Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.	CWE-346 Origin Validation Error	CVE-2019-16235	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

224280	7.8	HIGH Local	msi	afterburner	The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploite…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2019-16098	2024-11-21 13:30	2019-09-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed