Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229771	5	警告	the address book	-	The Address Book の users.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4579	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229772	7.5	危険	the address book	-	The Address Book の export.php における重要な情報を取得される脆弱性	-	CVE-2006-4578	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229773	6.8	警告	the address book	-	The Address Book におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4577	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229774	6.8	警告	the address book	-	The Address Book におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4576	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229775	7.5	危険	the address book	-	The Address Book における SQL インジェクションの脆弱性	-	CVE-2006-4575	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229776	5.1	警告	Simple Machines	-	Simple Machines Forum の Sources/ManageBoards.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-4564	2012-12-20 18:02	2006-09-5	Show	GitHub Exploit DB Packet Storm

229777	6.8	警告	PHPNUKE	-	PHP-Nuke 用の MyHeadlines モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4563	2012-12-20 18:02	2006-09-5	Show	GitHub Exploit DB Packet Storm

229778	7.5	危険	retro64	-	Retro64 / Miniclip CR64Loader ActiveX コントロールにおけるバッファオーバーフローの脆弱性	-	CVE-2006-4555	2012-12-20 18:02	2006-09-5	Show	GitHub Exploit DB Packet Storm

229779	7.5	危険	Plume CMS	-	Plume CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4533	2012-12-20 18:02	2006-09-1	Show	GitHub Exploit DB Packet Storm

229780	5	警告	qbik	-	Qbik WinGate におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4518	2012-12-20 18:02	2006-11-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213181	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shippment settings can e…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-8151	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213182	8.8	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate layouts and images can insert …	NVD-CWE-noinfo	CVE-2019-8150	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213183	9.8	CRITICAL Network	magento	magento	Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id tha…	CWE-613 Insufficient Session Expiration	CVE-2019-8149	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213184	4.8	MEDIUM Network	magento	magento	A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via p…	CWE-79 Cross-site Scripting	CVE-2019-8148	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213185	5.4	MEDIUM Network	magento	magento	A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via custome…	CWE-79 Cross-site Scripting	CVE-2019-8147	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213186	5.4	MEDIUM Network	magento	magento	A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code when adding…	CWE-79 Cross-site Scripting	CVE-2019-8146	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213187	9.8	CRITICAL Network	magento	magento	A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods.	NVD-CWE-noinfo	CVE-2019-8144	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213188	6.5	MEDIUM Network	magento	magento	A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with access to email templates can send malicious SQL queries and ob…	CWE-89 SQL Injection	CVE-2019-8143	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213189	5.4	MEDIUM Network	magento	magento	A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via title o…	CWE-79 Cross-site Scripting	CVE-2019-8142	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

213190	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with administrative privileges (system leve…	CWE-502 Deserialization of Untrusted Data	CVE-2019-8141	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm