Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255501 7.5 危険 サン・マイクロシステムズ
GNU Project
サイバートラスト株式会社
レッドハット		 - GNU tar の safer_name_suffix 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4476 2010-03-25 11:47 2007-08-17 Show GitHub Exploit DB Packet Storm
255502 7.8 危険 VMware - VMware Fusion の vmx86 のカーネル拡張における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3282 2010-03-24 12:23 2009-10-1 Show GitHub Exploit DB Packet Storm
255503 7.2 危険 VMware - VMware Fusion の vmx86 のカーネル拡張における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3281 2010-03-24 12:22 2009-10-1 Show GitHub Exploit DB Packet Storm
255504 9.3 危険 VMware - 複数の VMware 製品の VMnc media コーデックにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2628 2010-03-24 12:22 2009-09-4 Show GitHub Exploit DB Packet Storm
255505 9.3 危険 VMware - 複数の VMware 製品の VMnc media コーデックにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0199 2010-03-24 12:22 2009-09-4 Show GitHub Exploit DB Packet Storm
255506 5 警告 VMware - VMware Studio の Web インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2968 2010-03-24 12:22 2009-08-31 Show GitHub Exploit DB Packet Storm
255507 4 警告 VMware - 複数の VMware 製品の Descheduled Time Accounting ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-1805 2010-03-24 12:22 2009-05-28 Show GitHub Exploit DB Packet Storm
255508 6.8 警告 VMware - 複数の VMware 製品の仮想マシン表示機能における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-1244 2010-03-24 12:21 2009-04-10 Show GitHub Exploit DB Packet Storm
255509 7.2 危険 VMware - 複数の VMware 製品の仮想マシン通信インターフェイスにおける権限昇格の脆弱性 CWE-noinfo
情報不足 		CVE-2009-1147 2010-03-24 12:21 2009-04-3 Show GitHub Exploit DB Packet Storm
255510 4.9 警告 VMware - 複数の VMware 製品の ioctl におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-1146 2010-03-23 14:11 2010-04-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222231 6.5 MEDIUM
Network 		libwav_project libwav marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav_content_read() at libwav.c. CWE-476
 NULL Pointer Dereference 		CVE-2019-19698 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222232 9.8 CRITICAL
Network 		sqlite
siemens
tenable
oracle
netapp 		sqlite
sinec_infrastructure_network_services
tenable.sc
mysql_workbench
cloud_backup
ontap_select_deploy_administration_utility 		pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2019-19646 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222233 7.5 HIGH
Network 		sqlite
oracle
siemens
apache
netapp 		sqlite
mysql_workbench
sinec_infrastructure_network_services
guacamole
cloud_backup
ontap_select_deploy_administration_utility 		SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. NVD-CWE-noinfo
CVE-2019-19603 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222234 8.8 HIGH
Network 		openstack keystone OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enfor… CWE-522
 Insufficiently Protected Credentials 		CVE-2019-19687 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222235 8.8 HIGH
Network 		nopcommerce nopcommerce RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions. CWE-352
 Origin Validation Error 		CVE-2019-19685 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222236 8.8 HIGH
Network 		nopcommerce nopcommerce nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-19684 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222237 9.1 CRITICAL
Network 		nopcommerce nopcommerce RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFileman… CWE-22
Path Traversal 		CVE-2019-19683 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222238 4.8 MEDIUM
Network 		nopcommerce nopcommerce nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogCo… CWE-79
Cross-site Scripting 		CVE-2019-19682 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222239 5.4 MEDIUM
Network 		xpand-it xray_test_mangaement In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action… CWE-79
Cross-site Scripting 		CVE-2019-19679 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222240 5.4 MEDIUM
Network 		xpand-it xray_test_mangaement In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test is… CWE-79
Cross-site Scripting 		CVE-2019-19678 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm