Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 4:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230341 7.5 危険 xplodphp - XplodPHP AutoTutorials の viewcat.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1889 2012-12-20 18:52 2008-04-18 Show GitHub Exploit DB Packet Storm
230342 5 警告 wikepage - Wikepage Opus の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1884 2012-12-20 18:52 2008-04-18 Show GitHub Exploit DB Packet Storm
230343 6.8 警告 VideoLAN - VLC の ParseSSA 関数 におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1881 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230344 7.5 危険 Xine - xine-lib の src/demuxers/demux_nsf.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1878 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230345 6.8 警告 snarky - VisualPic の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1876 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230346 7.5 危険 terong - Terong PHP Photo Gallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1875 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230347 6.5 警告 xpoze - Xpoze Pro の account/user/mail.html における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1874 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230348 4.3 警告 tru-zone - Nuke ET のプライベートメッセージ機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1873 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230349 6.5 警告 scriptsagent - Scriptsagent.com Links Directory の links.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1871 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
230350 7.5 危険 site sift media - Site Sift Listings における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1869 2012-12-20 18:52 2008-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223471 7.8 HIGH
Local 		dlink dwl-2600ap_firmware D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.… CWE-78
OS Command  		CVE-2019-20501 2024-11-21 13:38 2020-03-6 Show GitHub Exploit DB Packet Storm
223472 7.8 HIGH
Local 		dlink dwl-2600ap_firmware D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admi… CWE-78
OS Command  		CVE-2019-20500 2024-11-21 13:38 2020-03-6 Show GitHub Exploit DB Packet Storm
223473 7.8 HIGH
Local 		dlink dwl-2600ap_firmware D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the a… CWE-78
OS Command  		CVE-2019-20499 2024-11-21 13:38 2020-03-6 Show GitHub Exploit DB Packet Storm
223474 8.8 HIGH
Network 		testlink testlink Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) re… CWE-89
SQL Injection 		CVE-2019-20107 2024-11-21 13:38 2020-03-5 Show GitHub Exploit DB Packet Storm
223475 9.8 CRITICAL
Network 		netgear wnr1000_firmware An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and other problems that ultimately allow an attacker to remotely c… CWE-287
Improper Authentication 		CVE-2019-20489 2024-11-21 13:38 2020-03-3 Show GitHub Exploit DB Packet Storm
223476 9.8 CRITICAL
Network 		netgear wnr1000_firmware An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are vulnerable to command injection, allowing remote attackers to execu… CWE-78
OS Command  		CVE-2019-20488 2024-11-21 13:38 2020-03-3 Show GitHub Exploit DB Packet Storm
223477 8.8 HIGH
Network 		netgear wnr1000_firmware An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4 web management console are vulnerable to an unauthenticated GET request (exploitable directly or t… CWE-352
 Origin Validation Error 		CVE-2019-20487 2024-11-21 13:38 2020-03-3 Show GitHub Exploit DB Packet Storm
223478 6.1 MEDIUM
Network 		netgear wnr1000_firmware An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_index.htm) within the web management console are vulnerable to stored XSS, as demonstrated by the conf… CWE-79
Cross-site Scripting 		CVE-2019-20486 2024-11-21 13:38 2020-03-3 Show GitHub Exploit DB Packet Storm
223479 9.8 CRITICAL
Network 		miele xgw_3000_zigbee_gateway_firmware In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480. CWE-287
Improper Authentication 		CVE-2019-20481 2024-11-21 13:38 2020-02-25 Show GitHub Exploit DB Packet Storm
223480 8.8 HIGH
Network 		miele xgw_3000_zigbee_gateway_firmware In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there i… CWE-352
 Origin Validation Error 		CVE-2019-20480 2024-11-21 13:38 2020-02-25 Show GitHub Exploit DB Packet Storm