Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227901 7.5 危険 sisfo kampus - Sisfo Kampus 2006 の blanko.preview.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4820 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227902 4.3 警告 txx cms - Txx CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4819 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227903 7.5 危険 txx cms - Txx CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4818 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227904 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4808 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227905 5 警告 ソフォス - Sophos Anti-Virus のウィルス検出エンジンにおけるマルウェアの検出を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4787 2012-12-20 18:33 2007-09-10 Show GitHub Exploit DB Packet Storm
227906 7.5 危険 tim jackson - PHPOF の dbmodules/DB_adodb.class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4763 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
227907 7.5 危険 phpmytourney - phpMytourney の menu.php における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4757 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
227908 5 警告 Thomson - Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4753 2012-12-20 18:33 2007-09-7 Show GitHub Exploit DB Packet Storm
227909 6.8 警告 ppstream - PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4748 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
227910 9.3 危険 telecom italy - Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4740 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213461 8.1 HIGH
Network 		genivia
debian 		gsoap
debian_linux 		Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWIT… CWE-787
 Out-of-bounds Write 		CVE-2019-7659 2024-11-21 13:48 2019-02-9 Show GitHub Exploit DB Packet Storm
213462 9.8 CRITICAL
Network 		rdflib_project
debian
canonical 		rdflib
debian_linux
ubuntu_linux 		The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in th… CWE-427
 Uncontrolled Search Path Element 		CVE-2019-7653 2024-11-21 13:48 2019-02-9 Show GitHub Exploit DB Packet Storm
213463 7.5 HIGH
Network 		emsisoft anti-malware EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directorie… NVD-CWE-noinfo
CVE-2019-7651 2024-11-21 13:48 2019-02-9 Show GitHub Exploit DB Packet Storm
213464 7.5 HIGH
Network 		hotels_server_project hotels_server controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage. CWE-326
Inadequate Encryption Strength 		CVE-2019-7648 2024-11-21 13:48 2019-02-9 Show GitHub Exploit DB Packet Storm
213465 8.1 HIGH
Network 		fedoraproject
gsi-openssh_project 		fedora
gsi-openssh 		An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect passw… CWE-863
 Incorrect Authorization 		CVE-2019-7639 2024-11-21 13:48 2019-02-8 Show GitHub Exploit DB Packet Storm
213466 8.8 HIGH
Network 		libsdl
debian
opensuse
fedoraproject
canonical 		simple_directmedia_layer
debian_linux
leap
fedora
ubuntu_linux 		SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. CWE-125
Out-of-bounds Read 		CVE-2019-7638 2024-11-21 13:48 2019-02-8 Show GitHub Exploit DB Packet Storm
213467 8.8 HIGH
Network 		libsdl
debian
opensuse
fedoraproject
canonical 		simple_directmedia_layer
debian_linux
leap
fedora
ubuntu_linux 		SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c. CWE-787
 Out-of-bounds Write 		CVE-2019-7637 2024-11-21 13:48 2019-02-8 Show GitHub Exploit DB Packet Storm
213468 8.1 HIGH
Network 		libsdl
opensuse
debian
fedoraproject
canonical 		simple_directmedia_layer
leap
debian_linux
fedora
ubuntu_linux 		SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. CWE-125
Out-of-bounds Read 		CVE-2019-7636 2024-11-21 13:48 2019-02-8 Show GitHub Exploit DB Packet Storm
213469 8.1 HIGH
Network 		libsdl
opensuse
debian
fedoraproject
canonical 		simple_directmedia_layer
leap
backports_sle
debian_linux
fedora
ubuntu_linux 		SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. CWE-125
Out-of-bounds Read 		CVE-2019-7635 2024-11-21 13:48 2019-02-8 Show GitHub Exploit DB Packet Storm
213470 8.8 HIGH
Network 		lifesize team_220_firmware
passport_220_firmware
networker_220_firmware
room_220_firmware 		LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The li… CWE-78
OS Command  		CVE-2019-7632 2024-11-21 13:48 2019-02-8 Show GitHub Exploit DB Packet Storm