Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230011 7.5 危険 phparcadescript - PHPArcadeScript の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3711 2012-12-20 18:52 2008-08-19 Show GitHub Exploit DB Packet Storm
230012 7.5 危険 zeeways - ZEEJOBSITE の bannerclick.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3706 2012-12-20 18:52 2008-08-19 Show GitHub Exploit DB Packet Storm
230013 10 危険 シマンテック - Windows 用の SFW における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2008-3703 2012-12-20 18:52 2008-08-14 Show GitHub Exploit DB Packet Storm
230014 6.8 警告 Xen プロジェクト - Xen の flask_security_label 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3687 2012-12-20 18:52 2008-08-14 Show GitHub Exploit DB Packet Storm
230015 5 警告 サン・マイクロシステムズ - Sun Java System Web Proxy Server の FTP サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-3683 2012-12-20 18:52 2008-08-12 Show GitHub Exploit DB Packet Storm
230016 6.8 警告 YPNinc - YPN PHP Realty の dpage.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3682 2012-12-20 18:52 2008-08-14 Show GitHub Exploit DB Packet Storm
230017 7.5 危険 pozscripts - PozScripts TubeGuru Video Sharing Script の ugroups.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3674 2012-12-20 18:52 2008-08-13 Show GitHub Exploit DB Packet Storm
230018 7.5 危険 pozscripts - PozScripts Classified Ads の browsecats.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3673 2012-12-20 18:52 2008-08-13 Show GitHub Exploit DB Packet Storm
230019 7.5 危険 pozscripts - PozScripts Classified Ads の showcategory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3672 2012-12-20 18:52 2008-08-13 Show GitHub Exploit DB Packet Storm
230020 7.5 危険 ZeeScripts.com - ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script の comments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3669 2012-12-20 18:52 2008-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223981 7.5 HIGH
Network 		kind-of_project kind-of ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafte… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2019-20149 2024-11-21 13:38 2019-12-31 Show GitHub Exploit DB Packet Storm
223982 6.1 MEDIUM
Network 		laborator neon An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter. CWE-79
Cross-site Scripting 		CVE-2019-20141 2024-11-21 13:38 2019-12-31 Show GitHub Exploit DB Packet Storm
223983 5.4 MEDIUM
Network 		nagios nagios_xi In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin … CWE-79
Cross-site Scripting 		CVE-2019-20139 2024-11-21 13:38 2019-12-31 Show GitHub Exploit DB Packet Storm
223984 7.5 HIGH
Network 		http_authentication_library_project http_authentication_library The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's crypto_pwhash_str is not used. CWE-327
CWE-916
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Password Hash With Insufficient Computational Effort 		CVE-2019-20138 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
223985 5.5 MEDIUM
Local 		linux
debian
canonical 		linux_kernel
debian_linux
ubuntu_linux 		In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-20096 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
223986 5.5 MEDIUM
Local 		linux
opensuse
netapp 		linux_kernel
leap
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire
hci_management_node
active_iq_unified_manager
e-series_santricity_os_co… 		mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-20095 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
223987 5.5 MEDIUM
Local 		podofo_project
fedoraproject 		podofo
fedora 		The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtrac… CWE-476
 NULL Pointer Dereference 		CVE-2019-20093 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
223988 5.5 MEDIUM
Local 		axiosys bento4 An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp. CWE-476
 NULL Pointer Dereference 		CVE-2019-20092 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
223989 5.5 MEDIUM
Local 		axiosys bento4 An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap… CWE-476
 NULL Pointer Dereference 		CVE-2019-20091 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
223990 7.8 HIGH
Local 		axiosys bento4 An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp. CWE-416
 Use After Free 		CVE-2019-20090 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm