Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230151	4.3	警告	SmarterTools Inc.	-	SmarterTools SmarterMail Enterprise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0872	2012-12-20 18:34	2008-02-21	Show	GitHub Exploit DB Packet Storm

230152	7.5	危険	woltlab	-	WoltLab Burning Board の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0857	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

230153	7.5	危険	WordPress.org	-	WordPress 用の Dean Logan WP-People プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0845	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

230154	6.4	警告	statcountex	-	StatCounteX における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0843	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

230155	4.4	警告	publicwarehouse	-	Public Warehouse LightBlog の view_member.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0840	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

230156	4.3	警告	ソフォス	-	Sophos ES1000 および ES4000 Email Security Appliance の Web の管理インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0838	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

230157	7.5	危険	simple cms	-	Simple CMS の indexen.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0835	2012-12-20 18:34	2008-02-20	Show	GitHub Exploit DB Packet Storm

230158	7.5	危険	PHPNUKE	-	PHP-Nuke の Books モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0827	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

230159	3.6	注意	scribe	-	Scribe の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0822	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

230160	3.6	注意	plutostatus	-	PlutoStatus Locator の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0819	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223631	5.9	MEDIUM Network	br-automation	automation_studio	A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and …	CWE-295 Improper Certificate Validation	CVE-2019-19101	2024-11-21 13:34	2020-04-29	Show	GitHub Exploit DB Packet Storm

223632	7.1	HIGH Local	br-automation	automation_studio	A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticate…	NVD-CWE-Other	CVE-2019-19100	2024-11-21 13:34	2020-04-29	Show	GitHub Exploit DB Packet Storm

223633	5.5	MEDIUM Local	abb busch-jaeger	tg\/s3.2_firmware 6186\/11_firmware	The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2019-19107	2024-11-21 13:34	2020-04-23	Show	GitHub Exploit DB Packet Storm

223634	9.1	CRITICAL Network	abb busch-jaeger	tg\/s3.2_firmware 6186\/11_firmware	Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing o…	NVD-CWE-Other	CVE-2019-19106	2024-11-21 13:34	2020-04-23	Show	GitHub Exploit DB Packet Storm

223635	5.5	MEDIUM Local	abb busch-jaeger	tg\/s3.2_firmware 6186\/11_firmware	The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user …	CWE-522 Insufficiently Protected Credentials	CVE-2019-19105	2024-11-21 13:34	2020-04-23	Show	GitHub Exploit DB Packet Storm

223636	9.8	CRITICAL Network	abb busch-jaeger	tg\/s3.2_firmware 6186\/11_firmware	The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific unifor…	CWE-306 Missing Authentication for Critical Function	CVE-2019-19104	2024-11-21 13:34	2020-04-23	Show	GitHub Exploit DB Packet Storm

223637	9.4	CRITICAL Network	br-automation	automation_studio automation_runtime	An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration…	CWE-798 Use of Hard-coded Credentials	CVE-2019-19108	2024-11-21 13:34	2020-04-21	Show	GitHub Exploit DB Packet Storm

223638	6.1	MEDIUM Network	northern.tech	cfengine	Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0.	CWE-79 Cross-site Scripting	CVE-2019-19394	2024-11-21 13:34	2020-04-17	Show	GitHub Exploit DB Packet Storm

223639	5.4	MEDIUM Network	matrix42	workspace_management	The Search parameter of the Software Catalogue section of Matrix42 Workspace Management 9.1.2.2765 and below accepts unfiltered parameters that lead to multiple reflected XSS issues.	CWE-79 Cross-site Scripting	CVE-2019-19390	2024-11-21 13:34	2020-04-16	Show	GitHub Exploit DB Packet Storm

223640	5.4	MEDIUM Network	matrix42	workspace_management	Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS via unfiltered description parameters, as demonstrated by the comment field of a special order for individual software.	CWE-79 Cross-site Scripting	CVE-2019-19500	2024-11-21 13:34	2020-04-15	Show	GitHub Exploit DB Packet Storm