Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251691 7.5 危険 The Cacti Group - Cacti の auth_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4824 2011-12-19 15:06 2011-09-26 Show GitHub Exploit DB Packet Storm
251692 4.3 警告 Atlassian - Atlassian FishEye のユーザプロファイル機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4822 2011-12-19 15:05 2011-10-24 Show GitHub Exploit DB Packet Storm
251693 3.6 注意 Artsoft Entertainment - Artsoft Entertainment の Rocks'n'Diamonds における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4606 2011-12-19 15:05 2011-12-15 Show GitHub Exploit DB Packet Storm
251694 4.3 警告 Digium - Asterisk の channels/chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-200
情報漏えい 		CVE-2011-4598 2011-12-19 15:03 2011-11-2 Show GitHub Exploit DB Packet Storm
251695 5 警告 Digium - Asterisk の UDP 実装での SIP におけるユーザ名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2011-4597 2011-12-19 15:01 2011-07-18 Show GitHub Exploit DB Packet Storm
251696 7.5 危険 Caupo.Net - CaupoShop Pro および CaupoShop Classic におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4832 2011-12-19 13:44 2011-12-15 Show GitHub Exploit DB Packet Storm
251697 4 警告 David Azoulay - Web File Browser の webFileBrowser.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4831 2011-12-19 13:43 2011-12-15 Show GitHub Exploit DB Packet Storm
251698 7.5 危険 e4j Extensions for Joomla - Joomla! 用 Vik Real Estate コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4823 2011-12-19 11:52 2011-12-15 Show GitHub Exploit DB Packet Storm
251699 3.5 注意 Barter Sites - Joomla! 用 Barter Sites の com_listing コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4830 2011-12-19 11:51 2011-12-15 Show GitHub Exploit DB Packet Storm
251700 7.5 危険 Barter Sites - Joomla! 用 Barter Sites の com_listing コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4829 2011-12-19 11:50 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222611 6.5 MEDIUM
Network 		serpico_project serpico An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An admin can change their password without providing the current password, by using interfaces outside the… CWE-287
Improper Authentication 		CVE-2019-19857 2024-11-21 13:35 2020-01-16 Show GitHub Exploit DB Packet Storm
222612 4.8 MEDIUM
Network 		serpico_project serpico An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The User Type on the admin/list_user page allows stored XSS via the type parameter. CWE-79
Cross-site Scripting 		CVE-2019-19856 2024-11-21 13:35 2020-01-16 Show GitHub Exploit DB Packet Storm
222613 4.8 MEDIUM
Network 		serpico_project serpico An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter. CWE-79
Cross-site Scripting 		CVE-2019-19855 2024-11-21 13:35 2020-01-16 Show GitHub Exploit DB Packet Storm
222614 8.8 HIGH
Network 		serpico_project serpico An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. It does not use CSRF Tokens to mitigate against CSRF; it uses the Origin header (which must match the requ… CWE-352
 Origin Validation Error 		CVE-2019-19854 2024-11-21 13:35 2020-01-16 Show GitHub Exploit DB Packet Storm
222615 8.8 HIGH
Network 		proofpoint enterprise_protection A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protectio… NVD-CWE-Other
CVE-2019-19680 2024-11-21 13:35 2020-01-14 Show GitHub Exploit DB Packet Storm
222616 7.5 HIGH
Network 		schedmd
opensuse
debian 		slurm
leap
debian_linux 		SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. CWE-269
 Improper Privilege Management 		CVE-2019-19728 2024-11-21 13:35 2020-01-14 Show GitHub Exploit DB Packet Storm
222617 5.5 MEDIUM
Local 		schedmd
opensuse 		slurm
leap 		SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-19727 2024-11-21 13:35 2020-01-14 Show GitHub Exploit DB Packet Storm
222618 5.9 MEDIUM
Network 		mitel sip-dect_firmware An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an attacker to launch a man-in-the-middle attack. A successful exploit may allow the attacker to intercept s… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2019-19891 2024-11-21 13:35 2020-01-14 Show GitHub Exploit DB Packet Storm
222619 5.5 MEDIUM
Local 		gonitro nitropdf The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content. CWE-476
 NULL Pointer Dereference 		CVE-2019-19819 2024-11-21 13:35 2020-01-11 Show GitHub Exploit DB Packet Storm
222620 5.5 MEDIUM
Local 		gonitro nitro_free_pdf_reader The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content. CWE-125
Out-of-bounds Read 		CVE-2019-19817 2024-11-21 13:35 2020-01-11 Show GitHub Exploit DB Packet Storm