Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227731 7.2 危険 VMware - VMware Server における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-5619 2012-12-20 18:33 2007-10-21 Show GitHub Exploit DB Packet Storm
227732 7.2 危険 VMware - VMware Playerなどの製品における Authorization などのサービスにおける権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-5618 2012-12-20 18:33 2007-10-21 Show GitHub Exploit DB Packet Storm
227733 10 危険 VMware - VMware Player および Workstation における脆弱性 CWE-noinfo
情報不足 		CVE-2007-5617 2012-12-20 18:33 2007-10-21 Show GitHub Exploit DB Packet Storm
227734 9.3 危険 SonicWALL - SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5603 2012-12-20 18:33 2007-11-5 Show GitHub Exploit DB Packet Storm
227735 10 危険 swiftview - SwiftView Viewer におけるスタックベースのバッファーオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5602 2012-12-20 18:33 2007-10-2 Show GitHub Exploit DB Packet Storm
227736 4.3 警告 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5589 2012-12-20 18:33 2007-10-17 Show GitHub Exploit DB Packet Storm
227737 5 警告 XScreenSaver project - xscreensaver におけるロックされたセッションへのアクセス権を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2007-5585 2012-12-20 18:33 2007-10-19 Show GitHub Exploit DB Packet Storm
227738 7.5 危険 Pligg - Pligg CMS の login.php におけるユーザのパスワードを再設定される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2007-5579 2012-12-20 18:33 2007-10-18 Show GitHub Exploit DB Packet Storm
227739 7.5 危険 Secure Ideas - BASE における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-5578 2012-12-20 18:33 2007-10-18 Show GitHub Exploit DB Packet Storm
227740 4.3 警告 treble designs - 1024 CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-5575 2012-12-20 18:33 2007-10-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223101 5.3 MEDIUM
Network 		rangerstudio directus_7 interfaces/markdown/input.vue in Directus 7 Application before 7.7.0 does not sanitize Markdown text before rendering a preview. NVD-CWE-noinfo
CVE-2019-13982 2024-11-21 13:25 2019-07-20 Show GitHub Exploit DB Packet Storm
223102 5.3 MEDIUM
Network 		rangerstudio directus_7_api In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory. This is related to a configuration option in which… CWE-425
 Direct Request ('Forced Browsing') 		CVE-2019-13981 2024-11-21 13:25 2019-07-20 Show GitHub Exploit DB Packet Storm
223103 8.8 HIGH
Network 		rangerstudio directus_7_api In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-13980 2024-11-21 13:25 2019-07-20 Show GitHub Exploit DB Packet Storm
223104 8.8 HIGH
Network 		rangerstudio directus_7_api In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, leading to uploads/_/originals remote code execution. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-13979 2024-11-21 13:25 2019-07-20 Show GitHub Exploit DB Packet Storm
223105 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a s… CWE-399
 Resource Management Errors 		CVE-2019-13648 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
223106 8.8 HIGH
Network 		ovidentia ovidentia Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request. CWE-89
SQL Injection 		CVE-2019-13978 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
223107 5.4 MEDIUM
Network 		ovidentia ovidentia index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx… CWE-79
Cross-site Scripting 		CVE-2019-13977 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
223108 8.8 HIGH
Network 		layerbb layerbb LayerBB 1.1.3 allows conversations.php/cmd/new CSRF. CWE-352
 Origin Validation Error 		CVE-2019-13974 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
223109 9.8 CRITICAL
Network 		layerbb layerbb LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename suffix is not restricted, and .php may be used. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-13973 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
223110 6.1 MEDIUM
Network 		layerbb layerbb LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue to CVE-2019-17997. CWE-79
Cross-site Scripting 		CVE-2019-13972 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm