Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251421 4 警告 The Support Incident Tracker Project - Support Incident Tracker の move_uploaded_file.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-5067 2012-02-1 16:07 2012-01-29 Show GitHub Exploit DB Packet Storm
251422 6 警告 The Support Incident Tracker Project - Support Incident Tracker の ftp_upload_file.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2011-3833 2012-02-1 16:05 2012-01-29 Show GitHub Exploit DB Packet Storm
251423 6.5 警告 The Support Incident Tracker Project - Support Incident Tracker の config.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3832 2012-02-1 16:02 2012-01-29 Show GitHub Exploit DB Packet Storm
251424 7.5 危険 The Support Incident Tracker Project - Support Incident Tracker の incident_attachments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-3831 2012-02-1 16:01 2012-01-29 Show GitHub Exploit DB Packet Storm
251425 4.3 警告 The Support Incident Tracker Project - Support Incident Tracker の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3830 2012-02-1 15:59 2012-01-29 Show GitHub Exploit DB Packet Storm
251426 4 警告 The Support Incident Tracker Project - Support Incident Tracker の ftp_upload_file.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3829 2012-02-1 15:58 2012-01-29 Show GitHub Exploit DB Packet Storm
251427 4 警告 イー・アクセス株式会社 - Pocket WiFi (GP02) におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-0314 2012-02-1 12:01 2012-02-1 Show GitHub Exploit DB Packet Storm
251428 5.8 警告 OpenNMS - OpenNMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0936 2012-02-1 11:05 2012-01-29 Show GitHub Exploit DB Packet Storm
251429 7.5 危険 Aryadad - Aryadad CMS の Default.aspx における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0935 2012-02-1 11:03 2012-01-29 Show GitHub Exploit DB Packet Storm
251430 7.5 危険 Zingiri - WordPress 用 Theme Tuner プラグインにおける任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-0934 2012-02-1 11:03 2012-01-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223331 9.8 CRITICAL
Network 		verot_project
getk2 		verot
k2 		class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-19576 2024-11-21 13:34 2019-12-5 Show GitHub Exploit DB Packet Storm
223332 9.8 CRITICAL
Network 		fronius datamanager_box_2.0_firmware
eco_25.0-3-s_firmware
eco_27.0-3-s_firmware
galvo_1.5-1_firmware
galvo_1.5-1_208-240_firmware
galvo_2.0-1_firmware
galvo_2.0-1_208-240_firmware
galvo… 		Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2019-19228 2024-11-21 13:34 2019-12-5 Show GitHub Exploit DB Packet Storm
223333 5.5 MEDIUM
Local 		xfig_project xfig read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. CWE-787
 Out-of-bounds Write 		CVE-2019-19555 2024-11-21 13:34 2019-12-5 Show GitHub Exploit DB Packet Storm
223334 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. CWE-416
 Use After Free 		CVE-2019-19543 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm
223335 9.8 CRITICAL
Network 		saltosystem proaccess_space An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that wi… CWE-22
Path Traversal 		CVE-2019-19459 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm
223336 8.6 HIGH
Network 		saltosystem proaccess_space SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature. CWE-22
Path Traversal 		CVE-2019-19458 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm
223337 5.4 MEDIUM
Network 		saltosystem proaccess_space SALTO ProAccess SPACE 5.4.3.0 allows XSS. CWE-79
Cross-site Scripting 		CVE-2019-19457 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm
223338 8.8 HIGH
Network 		freeftpd freeftpd freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled). CWE-120
Classic Buffer Overflow 		CVE-2019-19383 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm
223339 7.8 HIGH
Local 		maxpcsecure anti_virus_plus Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-19382 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm
223340 5.5 MEDIUM
Local 		saltosystem proaccess_space An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege.… CWE-276
Incorrect Default Permissions  		CVE-2019-19460 2024-11-21 13:34 2019-12-4 Show GitHub Exploit DB Packet Storm