Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229441	7.5	危険	php-daily	-	PHP-Daily における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4757	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229442	4.3	警告	php-daily	-	PHP-Daily の add_prest_date.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4756	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229443	7.5	危険	pozscripts	-	PozScripts Classified Auctions Script の gotourl.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4755	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229444	5.8	警告	scripts-for-sites	-	SFS Ez Forum の forum.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4754	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229445	7.5	危険	tech logic	-	TlNews における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-4752	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229446	7.5	危険	uniwin	-	Uniwin eCart Professional における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4746	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229447	4.3	警告	uniwin	-	Uniwin eCart Professional の emailFriend.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4745	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229448	7.5	危険	quidascript	-	QuidaScript FAQ Management Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4743	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229449	4.3	警告	timetrex	-	TimeTrex の interface/Login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4742	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

229450	5.1	警告	tinycms	-	TinyCMS 内の ZZ_Templater モジュール内におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4740	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224991	7.5	HIGH Network	apache oracle	netbeans graalvm	The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and includin…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2019-17561	2024-11-21 13:32	2020-03-31	Show	GitHub Exploit DB Packet Storm

224992	9.1	CRITICAL Network	apache oracle	netbeans graalvm	The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the downlo…	CWE-295 Improper Certificate Validation	CVE-2019-17560	2024-11-21 13:32	2020-03-31	Show	GitHub Exploit DB Packet Storm

224993	5.4	MEDIUM Network	netapp	oncommand_system_manager	OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated attacker to inject arbitrary scr…	CWE-79 Cross-site Scripting	CVE-2019-17276	2024-11-21 13:32	2020-03-25	Show	GitHub Exploit DB Packet Storm

224994	7.5	HIGH Network	moxa	iologik_2512_firmware iologik_2512-t_firmware iologik_2512-hspa_firmware iologik_2512-hspa-t_firmware iologik_2512-wl1-eu_firmware iologik_2512-wl1-eu-t_firmware iologik_2512-wl1-us…	In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to f…	NVD-CWE-noinfo	CVE-2019-18242	2024-11-21 13:32	2020-03-25	Show	GitHub Exploit DB Packet Storm

224995	9.8	CRITICAL Network	apache debian	traffic_server debian_linux	There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and chunked encoding. Upgrade to versions 7.1.9 and 8.0.6 or later version…	CWE-444 HTTP Request Smuggling	CVE-2019-17565	2024-11-21 13:32	2020-03-24	Show	GitHub Exploit DB Packet Storm

224996	9.8	CRITICAL Network	apache debian	traffic_server debian_linux	There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. Upgrade to versions 7.1.9 and 8.0.6 or later versions.	CWE-444 HTTP Request Smuggling	CVE-2019-17559	2024-11-21 13:32	2020-03-24	Show	GitHub Exploit DB Packet Storm

224997	8.8	HIGH Network	fortinet	fortimanager	An Insufficient Verification of Data Authenticity vulnerability in FortiManager 6.2.1, 6.2.0, 6.0.6 and below may allow an unauthenticated attacker to perform a Cross-Site WebSocket Hijacking (CSWSH)…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2019-17654	2024-11-21 13:32	2020-03-16	Show	GitHub Exploit DB Packet Storm

224998	8.8	HIGH Network	fortinet	fortisiem	A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated …	CWE-352 Origin Validation Error	CVE-2019-17653	2024-11-21 13:32	2020-03-13	Show	GitHub Exploit DB Packet Storm

224999	9.8	CRITICAL Network	fortinet	forticlient	An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executabl…	CWE-428 Unquoted Search Path or Element	CVE-2019-17658	2024-11-21 13:32	2020-03-13	Show	GitHub Exploit DB Packet Storm

225000	8.1	HIGH Network	eclipse	theia	In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs,…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2019-17636	2024-11-21 13:32	2020-03-11	Show	GitHub Exploit DB Packet Storm