Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229491 4.6 警告 Matthias Wandel - Matthias Wandel jhead の jhead.c における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4639 2012-12-20 18:52 2008-10-21 Show GitHub Exploit DB Packet Storm
229492 7.5 危険 rgallery - WBB 用の rGallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4627 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229493 6.8 警告 zirkon box - Fritz Berger yappa-ng の yappa-ng におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4626 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229494 7.5 危険 shiftthis - WordPress 用の ShiftThis Newsletter プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4625 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229495 5 警告 Wireshark - Wireshark の Bluetooth ACL 解析子におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-4683 2012-12-20 18:52 2007-04-4 Show GitHub Exploit DB Packet Storm
229496 7.5 危険 phpfastnews - phpFastNews の fastnews-code.php における認証を迂回される脆弱性 CWE-287
不適切な認証 		CVE-2008-4622 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229497 7.5 危険 ZeeScripts.com - ZeeScripts Zeeproperty の bannerclick.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4621 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229498 10 危険 サン・マイクロシステムズ - Sun Solaris の RPC サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-4619 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229499 7.5 危険 pyxicom - Joomla! 用の actualite モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4617 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
229500 5 警告 the spanner
WordPress.org		 - WordPress の SpamBam プラグインにおける制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4616 2012-12-20 18:52 2008-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224921 2.4 LOW
Physics 		harman hermes A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. CWE-922
 Insecure Storage of Sensitive Information 		CVE-2019-19557 2024-11-21 13:34 2020-11-16 Show GitHub Exploit DB Packet Storm
224922 4.6 MEDIUM
Physics 		harman hermes An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information. NVD-CWE-noinfo
CVE-2019-19556 2024-11-21 13:34 2020-11-16 Show GitHub Exploit DB Packet Storm
224923 9.8 CRITICAL
Network 		un4seen bassmidi The BASSMIDI plugin 2.4.12.1 for Un4seen BASS Audio Library on Windows is prone to an out of bounds write vulnerability. An attacker may exploit this to execute code on the target machine. A failure … CWE-787
 Out-of-bounds Write 		CVE-2019-19513 2024-11-21 13:34 2020-10-16 Show GitHub Exploit DB Packet Storm
224924 7.8 HIGH
Local 		nahimic apo_software_component An escalation of privilege vulnerability in Nahimic APO Software Component Driver 1.4.2, 1.5.0, 1.5.1, 1.6.1 and 1.6.2 allows an attacker to execute code with SYSTEM privileges. CWE-427
 Uncontrolled Search Path Element 		CVE-2019-19115 2024-11-21 13:34 2020-10-9 Show GitHub Exploit DB Packet Storm
224925 8.8 HIGH
Network 		reddoxx maildepot REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users. CWE-863
 Incorrect Authorization 		CVE-2019-19200 2024-11-21 13:34 2020-10-7 Show GitHub Exploit DB Packet Storm
224926 7.4 HIGH
Network 		reddoxx maildepot REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout. CWE-613
 Insufficient Session Expiration 		CVE-2019-19199 2024-11-21 13:34 2020-10-2 Show GitHub Exploit DB Packet Storm
224927 6.1 MEDIUM
Network 		rittal cmc_pu_iii_7030.000_firmware The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device… CWE-79
Cross-site Scripting 		CVE-2019-19393 2024-11-21 13:34 2020-10-2 Show GitHub Exploit DB Packet Storm
224928 6.5 MEDIUM
Network 		grafana grafana Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. CWE-89
SQL Injection 		CVE-2019-19499 2024-11-21 13:34 2020-08-29 Show GitHub Exploit DB Packet Storm
224929 7.8 HIGH
Local 		wowza streaming_engine Wowza Streaming Engine before 4.8.5 has Insecure Permissions which may allow a local attacker to escalate privileges in / usr / local / WowzaStreamingEngine / manager / bin / in the Linux version of … CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-19455 2024-11-21 13:34 2020-08-3 Show GitHub Exploit DB Packet Storm
224930 5.4 MEDIUM
Network 		wowza streaming_engine Wowza Streaming Engine before 4.8.5 allows XSS (issue 1 of 2). An authenticated user, with access to the proxy license editing is able to insert a malicious payload that will be triggered in the main… CWE-79
Cross-site Scripting 		CVE-2019-19453 2024-11-21 13:34 2020-08-3 Show GitHub Exploit DB Packet Storm