Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230241 7.5 危険 sudirman angriawan - PHP-Nuke 用の Sudirman Angriawan NukeC30 モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1308 2012-12-20 18:34 2008-03-12 Show GitHub Exploit DB Packet Storm
230242 4.3 警告 WordPress.org - WordPress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1304 2012-12-20 18:34 2008-03-12 Show GitHub Exploit DB Packet Storm
230243 4.3 警告 ViewVC - ViewVC における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-1292 2012-12-20 18:34 2008-03-24 Show GitHub Exploit DB Packet Storm
230244 4.3 警告 ViewVC - ViewVC における CVSROOT 隠しフォルダ配下のファイルおよびフォルダの一覧を読み取られる脆弱性 CWE-200
情報漏えい 		CVE-2008-1291 2012-12-20 18:34 2008-03-24 Show GitHub Exploit DB Packet Storm
230245 4.3 警告 ViewVC - ViewVC における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-1290 2012-12-20 18:34 2008-03-24 Show GitHub Exploit DB Packet Storm
230246 4.3 警告 サン・マイクロシステムズ - Sun JSF におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1285 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230247 4.3 警告 silver-forge - Neptune Web Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1283 2012-12-20 18:34 2008-03-10 Show GitHub Exploit DB Packet Storm
230248 5 警告 remotelyanywhere - Remotely Anywhere Server および Workstation の RemotelyAnywhere.exe サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1278 2012-12-20 18:34 2008-03-10 Show GitHub Exploit DB Packet Storm
230249 7.8 危険 シーメンス - Siemens SpeedStream 6520 ルータにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2008-1267 2012-12-20 18:34 2008-03-10 Show GitHub Exploit DB Packet Storm
230250 5 警告 ZyXEL - Zyxel P-2602HW-D1A ルータにおける現在のログインステータスを取得される脆弱性 CWE-DesignError
CVE-2008-1261 2012-12-20 18:34 2008-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223631 5.9 MEDIUM
Network 		br-automation automation_studio A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and … CWE-295
Improper Certificate Validation  		CVE-2019-19101 2024-11-21 13:34 2020-04-29 Show GitHub Exploit DB Packet Storm
223632 7.1 HIGH
Local 		br-automation automation_studio A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticate… NVD-CWE-Other
CVE-2019-19100 2024-11-21 13:34 2020-04-29 Show GitHub Exploit DB Packet Storm
223633 5.5 MEDIUM
Local 		abb
busch-jaeger 		tg\/s3.2_firmware
6186\/11_firmware 		The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed). CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2019-19107 2024-11-21 13:34 2020-04-23 Show GitHub Exploit DB Packet Storm
223634 9.1 CRITICAL
Network 		abb
busch-jaeger 		tg\/s3.2_firmware
6186\/11_firmware 		Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing o… NVD-CWE-Other
CVE-2019-19106 2024-11-21 13:34 2020-04-23 Show GitHub Exploit DB Packet Storm
223635 5.5 MEDIUM
Local 		abb
busch-jaeger 		tg\/s3.2_firmware
6186\/11_firmware 		The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user … CWE-522
 Insufficiently Protected Credentials 		CVE-2019-19105 2024-11-21 13:34 2020-04-23 Show GitHub Exploit DB Packet Storm
223636 9.8 CRITICAL
Network 		abb
busch-jaeger 		tg\/s3.2_firmware
6186\/11_firmware 		The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific unifor… CWE-306
Missing Authentication for Critical Function 		CVE-2019-19104 2024-11-21 13:34 2020-04-23 Show GitHub Exploit DB Packet Storm
223637 9.4 CRITICAL
Network 		br-automation automation_studio
automation_runtime 		An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration… CWE-798
 Use of Hard-coded Credentials 		CVE-2019-19108 2024-11-21 13:34 2020-04-21 Show GitHub Exploit DB Packet Storm
223638 6.1 MEDIUM
Network 		northern.tech cfengine Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0. CWE-79
Cross-site Scripting 		CVE-2019-19394 2024-11-21 13:34 2020-04-17 Show GitHub Exploit DB Packet Storm
223639 5.4 MEDIUM
Network 		matrix42 workspace_management The Search parameter of the Software Catalogue section of Matrix42 Workspace Management 9.1.2.2765 and below accepts unfiltered parameters that lead to multiple reflected XSS issues. CWE-79
Cross-site Scripting 		CVE-2019-19390 2024-11-21 13:34 2020-04-16 Show GitHub Exploit DB Packet Storm
223640 5.4 MEDIUM
Network 		matrix42 workspace_management Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS via unfiltered description parameters, as demonstrated by the comment field of a special order for individual software. CWE-79
Cross-site Scripting 		CVE-2019-19500 2024-11-21 13:34 2020-04-15 Show GitHub Exploit DB Packet Storm