Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229771	6.4	警告	spyce	-	Spyce - PSP の spyce/examples/redirect.spy におけるオープンリダイレクトの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0981	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

229772	4.3	警告	spyce	-	Spyce - PSP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0980	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

229773	4.3	警告	webgui	-	Plain Black WebGUI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0940	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

229774	7.5	危険	WordPress.org	-	WordPress 用の WPPA プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0939	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

229775	7.5	危険	the sword project	-	The SWORD Project Diatheke の diatheke.pl における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-0932	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

229776	6.3	警告	xwine	-	Debian GNU/Linux 上で稼動する XWine の w_export.c における任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0931	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

229777	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Manuales モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0922	2012-12-20 18:34	2008-02-22	Show	GitHub Exploit DB Packet Storm

229778	4.3	警告	tendenci	-	Tendenci CMS の search.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0793	2012-12-20 18:34	2008-02-14	Show	GitHub Exploit DB Packet Storm

229779	4.3	警告	Simple Machines	-	SMF Shoutbox の sboxDB.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0775	2012-12-20 18:34	2008-02-13	Show	GitHub Exploit DB Packet Storm

229780	7.5	危険	site2nite	-	Site2Nite の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0771	2012-12-20 18:34	2008-02-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223841	5.5	MEDIUM Local	totaldefense	anti-virus	The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories.	CWE-59 Link Following	CVE-2019-18645	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223842	8.8	HIGH Network	xen debian fedoraproject	xen debian_linux fedora	An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditio…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-18422	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223843	7.5	HIGH Network	xen debian fedoraproject opensuse	xen debian_linux fedora leap	An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues …	CWE-362 Race Condition	CVE-2019-18421	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223844	6.5	MEDIUM Network	xen debian fedoraproject	xen debian_linux fedora	An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function whi…	CWE-134 Use of Externally-Controlled Format String	CVE-2019-18420	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223845	5.9	MEDIUM Network	totaldefense	anti-virus	The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted.	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2019-18644	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223846	7.5	HIGH Network	themooltipass	moolticute	An issue was discovered in Mooltipass Moolticute through v0.42.1 and v0.42.x-testing through v0.42.5-testing. There is a NULL pointer dereference in MPDevice_win.cpp.	CWE-476 NULL Pointer Dereference	CVE-2019-18635	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223847	9.8	CRITICAL Network	europa	eidas-node_integration_package	European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. NOTE: only 2.1 is confirmed…	CWE-295 Improper Certificate Validation	CVE-2019-18633	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223848	9.8	CRITICAL Network	europa	eidas-node_integration_package	European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.	CWE-295 Improper Certificate Validation	CVE-2019-18632	2024-11-21 13:33	2019-10-31	Show	GitHub Exploit DB Packet Storm

223849	9.8	CRITICAL Network	opera	mini	Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of m…	NVD-CWE-noinfo	CVE-2019-18624	2024-11-21 13:33	2019-10-30	Show	GitHub Exploit DB Packet Storm

223850	5.3	MEDIUM Network	mediawiki	abusefilter	An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged …	CWE-200 Information Exposure	CVE-2019-18612	2024-11-21 13:33	2019-10-30	Show	GitHub Exploit DB Packet Storm