Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230111	6.8	警告	quantum game library	-	Quantum Game Library における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1069	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230112	6.8	警告	portail web php	-	Portail Web Php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1068	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230113	6.8	警告	phpqladmin	-	phpQLAdmin における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1067	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230114	7.5	危険	Smarty	-	S9Y などの製品で使用される Smarty における任意の PHP 関数を呼び出される脆弱性	CWE-20 不適切な入力確認	CVE-2008-1066	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230115	4.3	警告	WordPress.org	-	WordPress 用の Sniplets プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1061	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230116	7.5	危険	WordPress.org	-	WordPress 用の Sniplets プラグインにおける任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-1060	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230117	7.5	危険	WordPress.org	-	WordPress 用の Sniplets プラグインにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1059	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230118	6.9	警告	symark	-	Symark PowerBroker におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1056	2012-12-20 18:34	2008-02-28	Show	GitHub Exploit DB Packet Storm

230119	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Kose_Yazilari モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1053	2012-12-20 18:34	2008-02-27	Show	GitHub Exploit DB Packet Storm

230120	6.8	警告	phpprofiles	-	phpProfiles の include/body_comm.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1051	2012-12-20 18:34	2008-02-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223391	9.8	CRITICAL Network	drupal	views_dynamic_field	The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involv…	CWE-502 Deserialization of Untrusted Data	CVE-2019-19826	2024-11-21 13:35	2019-12-17	Show	GitHub Exploit DB Packet Storm

223392	5.5	MEDIUM Local	gonitro	nitro_free_pdf_reader	The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content.	CWE-125 Out-of-bounds Read	CVE-2019-19818	2024-11-21 13:35	2019-12-17	Show	GitHub Exploit DB Packet Storm

223393	6.5	MEDIUM Network	dlink	dir-615_t1_firmware	On D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal.	NVD-CWE-noinfo	CVE-2019-19743	2024-11-21 13:35	2019-12-17	Show	GitHub Exploit DB Packet Storm

223394	7.5	HIGH Network	roxyfileman	roxy_fileman	Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by u…	CWE-22 Path Traversal	CVE-2019-19731	2024-11-21 13:35	2019-12-17	Show	GitHub Exploit DB Packet Storm

223395	6.5	MEDIUM Network	cyrus debian fedoraproject canonical	imap debian_linux fedora ubuntu_linux	An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a…	CWE-269 Improper Privilege Management	CVE-2019-19783	2024-11-21 13:35	2019-12-16	Show	GitHub Exploit DB Packet Storm

223396	7.8	HIGH Local	linux canonical	linux_kernel ubuntu_linux	In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. Th…	CWE-416 Use After Free	CVE-2019-19807	2024-11-21 13:35	2019-12-16	Show	GitHub Exploit DB Packet Storm

223397	5.5	MEDIUM Local	xfig_project fedoraproject debian	fig2dev fedora debian_linux	read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.	CWE-787 Out-of-bounds Write	CVE-2019-19797	2024-11-21 13:35	2019-12-16	Show	GitHub Exploit DB Packet Storm

223398	7.8	HIGH Local	yabasic	yabasic	Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file.	CWE-787 Out-of-bounds Write	CVE-2019-19796	2024-11-21 13:35	2019-12-14	Show	GitHub Exploit DB Packet Storm

223399	7.8	HIGH Local	samurai_project	samurai	samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file.	CWE-787 Out-of-bounds Write	CVE-2019-19795	2024-11-21 13:35	2019-12-14	Show	GitHub Exploit DB Packet Storm

223400	5.9	MEDIUM Network	miekg-dns_project	miekg-dns	The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to res…	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2019-19794	2024-11-21 13:35	2019-12-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed