Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251421	7.5	危険	ColdGen	-	ColdGen ColdBookmarks の index.cfm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4915	2012-02-28 10:47	2011-10-8	Show	GitHub Exploit DB Packet Storm

251422	7.5	危険	DeltaScripts	-	PHP Classifieds の tools/phpmailer/class.phpmailer.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4914	2012-02-28 10:43	2011-10-8	Show	GitHub Exploit DB Packet Storm

251423	4.3	警告	ColdGen	-	ColdGen ColdUserGroup の search 機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4913	2012-02-28 10:41	2011-10-8	Show	GitHub Exploit DB Packet Storm

251424	7.5	危険	Discuz	-	UCenter Home の shop.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4912	2012-02-28 10:40	2011-10-8	Show	GitHub Exploit DB Packet Storm

251425	7.5	危険	Sell@Site	-	PHP Classifieds Ads の classi/detail.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4911	2012-02-28 10:39	2011-10-8	Show	GitHub Exploit DB Packet Storm

251426	7.5	危険	ColdGen	-	ColdGen ColdCalendar の index.cfm におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4910	2012-02-28 10:37	2011-10-8	Show	GitHub Exploit DB Packet Storm

251427	4.3	警告	Mechbunny	-	PaysiteReviewCMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4909	2012-02-28 10:36	2011-10-8	Show	GitHub Exploit DB Packet Storm

251428	7.5	危険	Virtue Netz	-	Virtue Shopping Mall の detail.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4908	2012-02-28 10:35	2011-10-8	Show	GitHub Exploit DB Packet Storm

251429	4.3	警告	Powie	-	Powie pFile の pfile/kommentar.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1211	2012-02-27 17:12	2012-02-24	Show	GitHub Exploit DB Packet Storm

251430	4.3	警告	Apache Software Foundation	-	Apache HTTP Server の mod_proxy モジュールにおけるイントラネットサーバにリクエストを送信される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3639	2012-02-27 17:01	2011-10-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223801	6.8	MEDIUM Physics	xen fedoraproject	xen fedora	An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not…	CWE-20 Improper Input Validation	CVE-2019-19579	2024-11-21 13:34	2019-12-5	Show	GitHub Exploit DB Packet Storm

223802	6.5	MEDIUM Network	fronius	datamanager_box_2.0_firmware eco_25.0-3-s_firmware eco_27.0-3-s_firmware galvo_1.5-1_firmware galvo_1.5-1_208-240_firmware galvo_2.0-1_firmware galvo_2.0-1_208-240_firmware galvo…	admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.	CWE-22 Path Traversal	CVE-2019-19229	2024-11-21 13:34	2019-12-5	Show	GitHub Exploit DB Packet Storm

223803	9.8	CRITICAL Network	verot_project getk2	verot k2	class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-19576	2024-11-21 13:34	2019-12-5	Show	GitHub Exploit DB Packet Storm

223804	9.8	CRITICAL Network	fronius	datamanager_box_2.0_firmware eco_25.0-3-s_firmware eco_27.0-3-s_firmware galvo_1.5-1_firmware galvo_1.5-1_208-240_firmware galvo_2.0-1_firmware galvo_2.0-1_208-240_firmware galvo…	Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2019-19228	2024-11-21 13:34	2019-12-5	Show	GitHub Exploit DB Packet Storm

223805	5.5	MEDIUM Local	xfig_project	xfig	read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.	CWE-787 Out-of-bounds Write	CVE-2019-19555	2024-11-21 13:34	2019-12-5	Show	GitHub Exploit DB Packet Storm

223806	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.	CWE-416 Use After Free	CVE-2019-19543	2024-11-21 13:34	2019-12-4	Show	GitHub Exploit DB Packet Storm

223807	9.8	CRITICAL Network	saltosystem	proaccess_space	An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that wi…	CWE-22 Path Traversal	CVE-2019-19459	2024-11-21 13:34	2019-12-4	Show	GitHub Exploit DB Packet Storm

223808	8.6	HIGH Network	saltosystem	proaccess_space	SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.	CWE-22 Path Traversal	CVE-2019-19458	2024-11-21 13:34	2019-12-4	Show	GitHub Exploit DB Packet Storm

223809	5.4	MEDIUM Network	saltosystem	proaccess_space	SALTO ProAccess SPACE 5.4.3.0 allows XSS.	CWE-79 Cross-site Scripting	CVE-2019-19457	2024-11-21 13:34	2019-12-4	Show	GitHub Exploit DB Packet Storm

223810	8.8	HIGH Network	freeftpd	freeftpd	freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).	CWE-120 Classic Buffer Overflow	CVE-2019-19383	2024-11-21 13:34	2019-12-4	Show	GitHub Exploit DB Packet Storm