Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 2:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230561 10 危険 wportfolio - wPortfolio の admin/upload_form.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5220 2012-12-20 18:52 2008-11-25 Show GitHub Exploit DB Packet Storm
230562 7.5 危険 videoscript - VVideoScript のパスワード変更機能における admin アカウントパスワードを変更される脆弱性 CWE-287
不適切な認証 		CVE-2008-5219 2012-12-20 18:52 2008-11-25 Show GitHub Exploit DB Packet Storm
230563 5 警告 Scriptsez.net - ScriptsEz FREEze Greetings における平文パスワードを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5218 2012-12-20 18:52 2008-11-25 Show GitHub Exploit DB Packet Storm
230564 5.1 警告 phpc0d3r - txtCMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5217 2012-12-20 18:52 2008-11-24 Show GitHub Exploit DB Packet Storm
230565 7.5 危険 toddwoolums - Todd Woolums ASP News Management の viewnews.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5273 2012-12-20 18:52 2008-11-28 Show GitHub Exploit DB Packet Storm
230566 4 警告 SyndeoCMS - Fred Stuurman SyndeoCMS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5272 2012-12-20 18:52 2008-11-28 Show GitHub Exploit DB Packet Storm
230567 4.3 警告 SyndeoCMS - Fred Stuurman SyndeoCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5271 2012-12-20 18:52 2008-11-28 Show GitHub Exploit DB Packet Storm
230568 7.5 危険 wareziz - Yuhhu Superstar の view.topics.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5270 2012-12-20 18:52 2008-11-28 Show GitHub Exploit DB Packet Storm
230569 2.6 注意 Ando Saabas - Sphider の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5211 2012-12-20 18:52 2008-11-24 Show GitHub Exploit DB Packet Storm
230570 9.3 危険 phpblock - PhpBlock における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5210 2012-12-20 18:52 2008-11-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223471 8.8 HIGH
Network 		foxitsoftware phantompdf
reader 		An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2019-5031 2024-11-21 13:44 2019-10-3 Show GitHub Exploit DB Packet Storm
223472 6.7 MEDIUM
Local 		e2fsprogs_project
debian
fedoraproject
canonical
netapp 		e2fsprogs
debian_linux
fedora
ubuntu_linux
solidfire
hci_management_node 		An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in c… CWE-787
 Out-of-bounds Write 		CVE-2019-5094 2024-11-21 13:44 2019-09-25 Show GitHub Exploit DB Packet Storm
223473 9.8 CRITICAL
Network 		aspose aspose.pdf_for_c\+\+ An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized me… CWE-908
 Use of Uninitialized Resource 		CVE-2019-5067 2024-11-21 13:44 2019-09-19 Show GitHub Exploit DB Packet Storm
223474 9.8 CRITICAL
Network 		aspose aspose.pdf_for_c\+\+ An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in … CWE-416
 Use After Free 		CVE-2019-5066 2024-11-21 13:44 2019-09-19 Show GitHub Exploit DB Packet Storm
223475 8.8 HIGH
Network 		aspose aspose.pdf_for_c\+\+ An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resultin… CWE-416
 Use After Free 		CVE-2019-5042 2024-11-21 13:44 2019-09-19 Show GitHub Exploit DB Packet Storm
223476 7.2 HIGH
Network 		arubanetworks arubaos A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. A maliciou… CWE-78
OS Command  		CVE-2019-5315 2024-11-21 13:44 2019-09-14 Show GitHub Exploit DB Packet Storm
223477 6.1 MEDIUM
Network 		arubanetworks arubaos Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. An attacker would be able to accomplish this by sending certain URL parameter… CWE-74
Injection 		CVE-2019-5314 2024-11-21 13:44 2019-09-14 Show GitHub Exploit DB Packet Storm
223478 7.5 HIGH
Network 		netgear wnr2000_firmware An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in… CWE-476
 NULL Pointer Dereference 		CVE-2019-5055 2024-11-21 13:44 2019-09-12 Show GitHub Exploit DB Packet Storm
223479 7.5 HIGH
Network 		netgear wnr2000_firmware An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty … CWE-476
 NULL Pointer Dereference 		CVE-2019-5054 2024-11-21 13:44 2019-09-12 Show GitHub Exploit DB Packet Storm
223480 5.4 MEDIUM
Network 		gitlab gitlab An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6. CWE-79
Cross-site Scripting 		CVE-2019-5471 2024-11-21 13:44 2019-09-10 Show GitHub Exploit DB Packet Storm