Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230111 6.8 警告 snarky - VisualPic の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1876 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230112 7.5 危険 terong - Terong PHP Photo Gallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1875 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230113 6.5 警告 xpoze - Xpoze Pro の account/user/mail.html における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1874 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230114 4.3 警告 tru-zone - Nuke ET のプライベートメッセージ機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1873 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230115 6.5 警告 scriptsagent - Scriptsagent.com Links Directory の links.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1871 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230116 7.5 危険 site sift media - Site Sift Listings における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1869 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230117 7.5 危険 pixel motion - Blog Pixel Motion の admin/sauvBase.php における重要な情報を含む blogPM.sql ファイルの結果を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-1868 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230118 7.5 危険 pixel motion - Blog Pixel Motion における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1867 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230119 9 危険 pixel motion - Blog Pixel Motion の admin/modif_config.php における任意の PHP スクリプトをアップロードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1866 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230120 7.5 危険 prozilla - Prozilla Freelancers の project.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1864 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223851 5.4 MEDIUM
Network 		alfresco alfresco Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document. CWE-79
Cross-site Scripting 		CVE-2019-19496 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223852 5.4 MEDIUM
Network 		kentico kentico Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS. CWE-434
CWE-706
 Unrestricted Upload of File with Dangerous Type 
 Use of Incorrectly-Resolved Name or Reference 		CVE-2019-19493 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223853 6.5 MEDIUM
Network 		teamviewer teamviewer An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved wit… CWE-212
 Improper Removal of Sensitive Information Before Storage or Transfer 		CVE-2019-19362 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223854 6.5 MEDIUM
Network 		djangoproject
fedoraproject 		django
fedora 		Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but ed… CWE-276
Incorrect Default Permissions  		CVE-2019-19118 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223855 9.8 CRITICAL
Network 		freeswitch freeswitch FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml. CWE-798
 Use of Hard-coded Credentials 		CVE-2019-19492 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223856 6.1 MEDIUM
Network 		testlink testlink TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request. CWE-79
Cross-site Scripting 		CVE-2019-19491 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223857 7.3 HIGH
Local 		litemanager litemanager LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe. CWE-276
Incorrect Default Permissions  		CVE-2019-19490 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223858 5.5 MEDIUM
Local 		smplayer smplayer SMPlayer 19.5.0 has a buffer overflow via a long .m3u file. CWE-120
Classic Buffer Overflow 		CVE-2019-19489 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223859 4.6 MEDIUM
Physics 		opensc_project opensc An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-19481 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm
223860 4.6 MEDIUM
Physics 		opensc_project opensc An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry. CWE-672
 Operation on a Resource after Expiration or Release 		CVE-2019-19480 2024-11-21 13:34 2019-12-2 Show GitHub Exploit DB Packet Storm