Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230111	6.8	警告	quantum game library	-	Quantum Game Library における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1069	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230112	6.8	警告	portail web php	-	Portail Web Php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1068	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230113	6.8	警告	phpqladmin	-	phpQLAdmin における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1067	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230114	7.5	危険	Smarty	-	S9Y などの製品で使用される Smarty における任意の PHP 関数を呼び出される脆弱性	CWE-20 不適切な入力確認	CVE-2008-1066	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230115	4.3	警告	WordPress.org	-	WordPress 用の Sniplets プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1061	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230116	7.5	危険	WordPress.org	-	WordPress 用の Sniplets プラグインにおける任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-1060	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230117	7.5	危険	WordPress.org	-	WordPress 用の Sniplets プラグインにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1059	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230118	6.9	警告	symark	-	Symark PowerBroker におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1056	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230119	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Kose_Yazilari モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1053	2012-12-20 18:34	2008-02-27	Show	GitHub Exploit DB Packet Storm

230120	6.8	警告	phpprofiles	-	phpProfiles の include/body_comm.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1051	2012-12-20 18:34	2008-02-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223341	6.1	MEDIUM Network	midori-browser	midori	In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result…	CWE-79 Cross-site Scripting	CVE-2019-19916	2024-11-21 13:35	2019-12-21	Show	GitHub Exploit DB Packet Storm

223342	7.1	HIGH Local	trendmicro	antivirus\+_security_2020 internet_security_2020 maximum_security_2020 premium_security_2020	The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on af…	CWE-59 Link Following	CVE-2019-19693	2024-11-21 13:35	2019-12-21	Show	GitHub Exploit DB Packet Storm

223343	6.1	MEDIUM Network	trendmicro	apex_one	Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected.	CWE-79 Cross-site Scripting	CVE-2019-19692	2024-11-21 13:35	2019-12-21	Show	GitHub Exploit DB Packet Storm

223344	4.9	MEDIUM Network	trendmicro	apex_one officescan	A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must …	NVD-CWE-noinfo	CVE-2019-19691	2024-11-21 13:35	2019-12-21	Show	GitHub Exploit DB Packet Storm

223345	6.1	MEDIUM Network	ciprianmp	phpmychat-plus	phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.	CWE-79 Cross-site Scripting	CVE-2019-19908	2024-11-21 13:35	2019-12-20	Show	GitHub Exploit DB Packet Storm

223346	6.5	MEDIUM Network	codesys	sp_realtime_nt plcwinnt runtime_toolkit	3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.	CWE-476 NULL Pointer Dereference	CVE-2019-19789	2024-11-21 13:35	2019-12-20	Show	GitHub Exploit DB Packet Storm

223347	9.0	CRITICAL Network	webfactoryltd	301_redirects	The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /a…	CWE-352 CWE-732 Origin Validation Error Incorrect Permission Assignment for Critical Resource	CVE-2019-19915	2024-11-21 13:35	2019-12-20	Show	GitHub Exploit DB Packet Storm

223348	6.1	MEDIUM Network	mediawiki	mediawiki	The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is …	CWE-79 Cross-site Scripting	CVE-2019-19910	2024-11-21 13:35	2019-12-20	Show	GitHub Exploit DB Packet Storm

223349	8.8	HIGH Network	sfu	open_journal_system	An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an auth…	CWE-94 CWE-502 Code Injection Deserialization of Untrusted Data	CVE-2019-19909	2024-11-21 13:35	2019-12-20	Show	GitHub Exploit DB Packet Storm

223350	9.8	CRITICAL Network	kopano	groupware_core	HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.	CWE-120 Classic Buffer Overflow	CVE-2019-19907	2024-11-21 13:35	2019-12-20	Show	GitHub Exploit DB Packet Storm