Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227751 5 警告 wwwisis - WWWISIS の wxis.exe におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5484 2012-12-20 18:33 2007-10-16 Show GitHub Exploit DB Packet Storm
227752 6.4 警告 サン・マイクロシステムズ - Sun StorEdge/StorageTek 3510 FC Array の FTP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-5482 2012-12-20 18:33 2007-10-15 Show GitHub Exploit DB Packet Storm
227753 4.3 警告 xcomputer - Xcomputer の Search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5479 2012-12-20 18:33 2007-10-16 Show GitHub Exploit DB Packet Storm
227754 4.3 警告 valve software - WebMod Half-Life Dedicated Server プラグインの auth.w におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5477 2012-12-20 18:33 2007-10-16 Show GitHub Exploit DB Packet Storm
227755 7.8 危険 SUSE - SUSE Linux Enterprise Server の ISC BIND named デーモンで使用される libgssapi におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-5471 2012-12-20 18:33 2007-10-15 Show GitHub Exploit DB Packet Storm
227756 5 警告 viart - ViArt Shop の iDEAL payment モジュール における証明書および鍵ファイルのパス名を取得される脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5463 2012-12-20 18:33 2007-10-15 Show GitHub Exploit DB Packet Storm
227757 4.3 警告 wwwisis - WWWISIS の wxis.exe におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5455 2012-12-20 18:33 2007-10-14 Show GitHub Exploit DB Packet Storm
227758 8.5 危険 php-stats - Php-Stats における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5453 2012-12-20 18:33 2007-10-14 Show GitHub Exploit DB Packet Storm
227759 10 危険 php-stats - Php-Stats の php-stats.recjs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5452 2012-12-20 18:33 2007-10-14 Show GitHub Exploit DB Packet Storm
227760 7.5 危険 softbiz - Softbiz Recipes Portal Script の searchresult.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5449 2012-12-20 18:33 2007-10-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223361 8.8 HIGH
Network 		imagemagick
opensuse 		imagemagick
leap 		ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error. CWE-787
 Out-of-bounds Write 		CVE-2019-13298 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223362 8.8 HIGH
Network 		imagemagick
debian
canonical
opensuse 		imagemagick
debian_linux
ubuntu_linux
leap 		ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. CWE-125
Out-of-bounds Read 		CVE-2019-13297 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223363 6.5 MEDIUM
Network 		imagemagick
opensuse 		imagemagick
leap 		ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-13296 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223364 8.8 HIGH
Network 		imagemagick
debian
opensuse
canonical 		imagemagick
debian_linux
leap
ubuntu_linux 		ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. CWE-125
Out-of-bounds Read 		CVE-2019-13295 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223365 9.8 CRITICAL
Network 		arox school-erp AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. CWE-287
CWE-434
Improper Authentication
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-13294 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223366 9.8 CRITICAL
Network 		weberp weberp A SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a S… CWE-89
SQL Injection 		CVE-2019-13292 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223367 5.5 MEDIUM
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops … CWE-125
Out-of-bounds Read 		CVE-2019-13291 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223368 7.8 HIGH
Local 		artifex mupdf Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs … CWE-787
 Out-of-bounds Write 		CVE-2019-13290 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223369 7.8 HIGH
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdf… CWE-416
 Use After Free 		CVE-2019-13289 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223370 5.5 MEDIUM
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646. CWE-674
 Uncontrolled Recursion 		CVE-2019-13288 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm