Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229231	10	危険	sandbox	-	Sandbox の lib/jpgraph/jpgraph_errhandler.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-5694	2012-12-20 19:10	2008-12-19	Show	GitHub Exploit DB Packet Storm

229232	6.5	警告	phparanoid	-	PHParanoid における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5673	2012-12-20 19:10	2008-12-18	Show	GitHub Exploit DB Packet Storm

229233	6.8	警告	phparanoid	-	PHParanoid におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-5672	2012-12-20 19:10	2008-12-18	Show	GitHub Exploit DB Packet Storm

229234	6.8	警告	Textpattern	-	Textpattern におけるセッションのハイジャック後パスワードを変更される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-5670	2012-12-20 19:10	2008-12-18	Show	GitHub Exploit DB Packet Storm

229235	5	警告	Textpattern	-	Textpattern のコメントプレビューセクションにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-5669	2012-12-20 19:10	2008-12-18	Show	GitHub Exploit DB Packet Storm

229236	4.3	警告	Textpattern	-	Textpattern におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5668	2012-12-20 19:10	2008-12-18	Show	GitHub Exploit DB Packet Storm

229237	5	警告	VirusBlokAda Ltd.	-	VirusBlokAda VBA32 Personal Antivirus のスキャンエンジンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-5667	2012-12-20 19:10	2008-12-18	Show	GitHub Exploit DB Packet Storm

229238	3.5	注意	WING FTP software	-	WinFTP FTP Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-5666	2012-12-20 18:52	2008-12-18	Show	GitHub Exploit DB Packet Storm

229239	7.5	危険	XOOPS	-	XOOPS の xhresim モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5665	2012-12-20 18:52	2008-12-18	Show	GitHub Exploit DB Packet Storm

229240	9.3	危険	Realtek Semiconductor Corp	-	Realtek Media Player におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5664	2012-12-20 18:52	2008-12-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
225061	8.8	HIGH Network	sagemcom netgear technicolor compal	f\@st_3890_firmware f\@st_3686_firmware cg3700emr_firmware c6250emr_firmware tc7230_steb_firmware 7284e_firmware 7486e_firmware	Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's …	CWE-120 Classic Buffer Overflow	CVE-2019-19494	2024-11-21 13:34	2020-01-9	Show	GitHub Exploit DB Packet Storm

225062	9.8	CRITICAL Network	technicolor	tc7230_steb_firmware	The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker c…	CWE-20 Improper Input Validation	CVE-2019-19495	2024-11-21 13:34	2020-01-9	Show	GitHub Exploit DB Packet Storm

225063	7.8	HIGH Local	broadcom	ca_automic_dollar_universe	CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA s…	CWE-269 Improper Privilege Management	CVE-2019-19544	2024-11-21 13:34	2020-01-9	Show	GitHub Exploit DB Packet Storm

225064	9.8	CRITICAL Network	broadcom	ca_automic_sysload	CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.	CWE-287 Improper Authentication	CVE-2019-19518	2024-11-21 13:34	2020-01-9	Show	GitHub Exploit DB Packet Storm

225065	7.8	HIGH Local	rconfig	rconfig	An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privile…	CWE-269 Improper Privilege Management	CVE-2019-19585	2024-11-21 13:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

225066	8.8	HIGH Network	rconfig	rconfig	An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the…	CWE-78 OS Command	CVE-2019-19509	2024-11-21 13:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

225067	6.1	MEDIUM Network	icewarp	mail_server	IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.	CWE-79 Cross-site Scripting	CVE-2019-19265	2024-11-21 13:34	2020-01-6	Show	GitHub Exploit DB Packet Storm

225068	5.4	MEDIUM Network	icewarp	mail_server	IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.	CWE-79 Cross-site Scripting	CVE-2019-19266	2024-11-21 13:34	2020-01-6	Show	GitHub Exploit DB Packet Storm

225069	7.5	HIGH Network	gitlab	gitlab	GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2019-19314	2024-11-21 13:34	2020-01-6	Show	GitHub Exploit DB Packet Storm

225070	7.5	HIGH Network	gitlab	gitlab	GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Service. Certain characters were making it impossible to create, edit, or view issues and commits.	CWE-755 Improper Handling of Exceptional Conditions	CVE-2019-19313	2024-11-21 13:34	2020-01-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed