Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229721 5 警告 WordPress.org - WordPress における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-0191 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
229722 7.5 危険 spacial audio solutions - SAM Broadcaster samPHPweb の songinfo.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0187 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
229723 4.3 警告 phprisk - NetRisk の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0186 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
229724 6.4 警告 prenotazioni on line - Line System 上で稼動している Sys-Hotel における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0184 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
229725 4.3 警告 Plone Foundation - Plone CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-0164 2012-12-20 18:34 2008-03-14 Show GitHub Exploit DB Packet Storm
229726 7.2 危険 sam lantinga - splitvt の misc.c における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0162 2012-12-20 18:34 2008-02-21 Show GitHub Exploit DB Packet Storm
229727 5 警告 shop-script - Shop-Script の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0158 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
229728 5 警告 pragma systems - Pragma TelnetServer の telnetd.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-0153 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
229729 4.3 警告 seattle lab software - SLnet.exe の SeattleLab SLNet RF Telnet Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0152 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
229730 5 警告 tutos - TUTOS におけるシステム情報を読み取られる脆弱性 CWE-DesignError
CVE-2008-0149 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223831 7.8 HIGH
Local 		gnu
netapp
oracle 		bash
solidfire
hci_management_node
oncommand_unified_manager
communications_cloud_native_core_policy 		An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setti… CWE-273
 Improper Check for Dropped Privileges 		CVE-2019-18276 2024-11-21 13:32 2019-11-28 Show GitHub Exploit DB Packet Storm
223832 10.0 CRITICAL
Network 		hitachienergy relion_670_firmware An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside th… CWE-22
Path Traversal 		CVE-2019-18253 2024-11-21 13:32 2019-11-28 Show GitHub Exploit DB Packet Storm
223833 7.5 HIGH
Network 		hitachienergy relion_650_firmware
relion_670_firmware 		An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could ca… CWE-20
 Improper Input Validation  		CVE-2019-18247 2024-11-21 13:32 2019-11-28 Show GitHub Exploit DB Packet Storm
223834 9.8 CRITICAL
Network 		crestron dmc-stro_firmware Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function. CWE-78
OS Command  		CVE-2019-18184 2024-11-21 13:32 2019-11-28 Show GitHub Exploit DB Packet Storm
223835 8.8 HIGH
Network 		csrf_magic_project csrf_magic The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit th… CWE-352
 Origin Validation Error 		CVE-2019-17590 2024-11-21 13:32 2019-11-27 Show GitHub Exploit DB Packet Storm
223836 9.8 CRITICAL
Network 		progress sitefinity Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled. CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2019-17392 2024-11-21 13:32 2019-11-27 Show GitHub Exploit DB Packet Storm
223837 8.8 HIGH
Network 		- - In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requ… NVD-CWE-noinfo
CVE-2019-18251 2024-11-21 13:32 2019-11-26 Show GitHub Exploit DB Packet Storm
223838 9.8 CRITICAL
Network 		abb plant_connect
power_generation_information_manager 		In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authe… CWE-287
Improper Authentication 		CVE-2019-18250 2024-11-21 13:32 2019-11-26 Show GitHub Exploit DB Packet Storm
223839 6.5 MEDIUM
Adjacent 		philips intellibridge_ec40_firmware
intellibridge_ec80_firmware 		In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphe… CWE-326
Inadequate Encryption Strength 		CVE-2019-18241 2024-11-21 13:32 2019-11-26 Show GitHub Exploit DB Packet Storm
223840 6.1 MEDIUM
Network 		eclipse jetty In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escap… CWE-79
Cross-site Scripting 		CVE-2019-17632 2024-11-21 13:32 2019-11-26 Show GitHub Exploit DB Packet Storm