Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227391 4.3 警告 vtls - VTLS vtls.web.gateway の Visionary Technology におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5993 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
227392 6.8 警告 Skype Technologies S.A. - Skype の skype4com URI ハンドラにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2007-5989 2012-12-20 18:33 2007-12-13 Show GitHub Exploit DB Packet Storm
227393 4.3 警告 X7 Group - X7 Chat におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5982 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
227394 7.5 危険 XOOPS - XOOPS 用の mylinks モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5978 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
227395 3.5 注意 The phpMyAdmin Project - phpMyAdmin の db_create.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5977 2012-12-20 18:33 2007-11-11 Show GitHub Exploit DB Packet Storm
227396 6.5 警告 The phpMyAdmin Project - phpMyAdmin の db_create.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5976 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
227397 6.5 警告 torrentstrike - TBSource の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5975 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
227398 5 警告 really simple caldav store - RSCDS における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-5953 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
227399 4.3 警告 script-fun - SF-Shoutbox の main.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5948 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
227400 5 警告 usvn - USVN におけるリポジトリの内容の一覧を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5945 2012-12-20 18:33 2007-11-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212751 4.3 MEDIUM
Network 		magento magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can cause unwanted items to be added to a shopper's cart due to an in… CWE-352
 Origin Validation Error 		CVE-2019-7857 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212752 5.3 MEDIUM
Network 		magento magento A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card genera… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2019-7855 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212753 7.5 HIGH
Network 		magento magento An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit h… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-7854 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212754 4.8 MEDIUM
Network 		magento magento A stored cross-site scripting vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privil… CWE-79
Cross-site Scripting 		CVE-2019-7853 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212755 5.3 MEDIUM
Network 		magento magento A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Requests for a specific file path could result in a redirect to the URL … CWE-200
Information Exposure 		CVE-2019-7852 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212756 6.5 MEDIUM
Network 		magento magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages. CWE-352
 Origin Validation Error 		CVE-2019-7851 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212757 7.5 HIGH
Network 		magento magento A defense-in-depth check was added to mitigate inadequate session validation handling by 3rd party checkout modules. This impacts Magento 1.x prior to 1.9.4.2, Magento Commerce prior to 1.14.4.2, Mag… CWE-384
 Session Fixation 		CVE-2019-7849 2024-11-21 13:48 2019-08-3 Show GitHub Exploit DB Packet Storm
212758 4.9 MEDIUM
Network 		elastic kibana Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set t… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2019-7616 2024-11-21 13:48 2019-07-31 Show GitHub Exploit DB Packet Storm
212759 7.4 HIGH
Network 		elastic apm-agent-ruby A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would… CWE-295
Improper Certificate Validation  		CVE-2019-7615 2024-11-21 13:48 2019-07-31 Show GitHub Exploit DB Packet Storm
212760 5.9 MEDIUM
Network 		elastic elasticsearch A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible f… CWE-362
Race Condition 		CVE-2019-7614 2024-11-21 13:48 2019-07-31 Show GitHub Exploit DB Packet Storm