Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
244671 5 警告 codeavalanche - CodeAvalanche FreeForum における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5932 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244672 7.5 危険 flds-script - FLDS の redir.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5928 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244673 7.5 危険 china-on-site - FlexPHPNews の admin/usercheck.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5927 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244674 7.5 危険 ASP-DEV - ASP-DEv Internal E-Mail System の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5926 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244675 5 警告 ASP-DEV - ASP-DEv XM Events Diary におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5925 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244676 7.5 危険 ASP-DEV - ASP-DEv XM Events Diary の diary_viewC.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5924 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244677 7.5 危険 ASP-DEV - ASP-DEv XM Events Diary の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5923 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244678 7.5 危険 cfagcms - CFAGCMS の themes/default/index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5922 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
244679 7.5 危険 codeavalanche - CodeAvalanche Articles における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5900 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
244680 7.5 危険 codeavalanche - CodeAvalanche FreeForAll における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5899 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
218641 5.4 MEDIUM
Network 		vertiv avocent_umg-4000_firmware The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before disp… CWE-79
Cross-site Scripting 		CVE-2019-9509 2024-11-21 13:51 2020-03-31 Show GitHub Exploit DB Packet Storm
218642 3.5 LOW
Network 		vertiv avocent_umg-4000_firmware The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. A remote attacker authenticated with an administrator account could store a maliciously named file withi… CWE-79
Cross-site Scripting 		CVE-2019-9508 2024-11-21 13:51 2020-03-31 Show GitHub Exploit DB Packet Storm
218643 7.2 HIGH
Network 		vertiv avocent_umg-4000_firmware The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands w… CWE-77
Command Injection 		CVE-2019-9507 2024-11-21 13:51 2020-03-31 Show GitHub Exploit DB Packet Storm
218644 7.5 HIGH
Network 		google android In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i… CWE-125
Out-of-bounds Read 		CVE-2019-9474 2024-11-21 13:51 2020-03-16 Show GitHub Exploit DB Packet Storm
218645 7.5 HIGH
Network 		google android In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i… CWE-125
Out-of-bounds Read 		CVE-2019-9473 2024-11-21 13:51 2020-03-16 Show GitHub Exploit DB Packet Storm
218646 8.8 HIGH
Adjacent 		synology
broadcom 		router_manager
bcm4339_firmware 		The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. … CWE-787
 Out-of-bounds Write 		CVE-2019-9502 2024-11-21 13:51 2020-02-4 Show GitHub Exploit DB Packet Storm
218647 8.8 HIGH
Adjacent 		synology
broadcom 		router_manager
bcm4339_firmware 		The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_… CWE-787
 Out-of-bounds Write 		CVE-2019-9501 2024-11-21 13:51 2020-02-4 Show GitHub Exploit DB Packet Storm
218648 8.3 HIGH
Adjacent 		broadcom
redhat 		brcmfmac_driver
enterprise_linux 		The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a re… CWE-20
 Improper Input Validation  		CVE-2019-9503 2024-11-21 13:51 2020-01-17 Show GitHub Exploit DB Packet Storm
218649 8.3 HIGH
Adjacent 		broadcom
linux 		brcmfmac_driver
linux_kernel 		The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malic… CWE-787
 Out-of-bounds Write 		CVE-2019-9500 2024-11-21 13:51 2020-01-17 Show GitHub Exploit DB Packet Storm
218650 7.8 HIGH
Local 		microsoft windows_10
windows_server_2019 		A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with t… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2019-9510 2024-11-21 13:51 2020-01-16 Show GitHub Exploit DB Packet Storm