Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227901 7.5 危険 sisfo kampus - Sisfo Kampus 2006 の blanko.preview.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4820 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227902 4.3 警告 txx cms - Txx CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4819 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227903 7.5 危険 txx cms - Txx CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4818 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227904 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4808 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
227905 5 警告 ソフォス - Sophos Anti-Virus のウィルス検出エンジンにおけるマルウェアの検出を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4787 2012-12-20 18:33 2007-09-10 Show GitHub Exploit DB Packet Storm
227906 7.5 危険 tim jackson - PHPOF の dbmodules/DB_adodb.class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4763 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
227907 7.5 危険 phpmytourney - phpMytourney の menu.php における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4757 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
227908 5 警告 Thomson - Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4753 2012-12-20 18:33 2007-09-7 Show GitHub Exploit DB Packet Storm
227909 6.8 警告 ppstream - PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4748 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
227910 9.3 危険 telecom italy - Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4740 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223061 8.1 HIGH
Network 		libsdl
debian
opensuse
fedoraproject
canonical
redhat 		simple_directmedia_layer
debian_linux
leap
backports_sle
fedora
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux<… 		SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. CWE-125
Out-of-bounds Read 		CVE-2019-13616 2024-11-21 13:25 2019-07-17 Show GitHub Exploit DB Packet Storm
223062 5.5 MEDIUM
Local 		videolan vlc_media_player libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement. CWE-125
Out-of-bounds Read 		CVE-2019-13615 2024-11-21 13:25 2019-07-17 Show GitHub Exploit DB Packet Storm
223063 8.8 HIGH
Network 		control-webpanel webpanel In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-13605 2024-11-21 13:25 2019-07-17 Show GitHub Exploit DB Packet Storm
223064 5.9 MEDIUM
Network 		hidglobal digital_persona_u.are.u_4500_driver_firmware An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vec… CWE-330
 Use of Insufficiently Random Values 		CVE-2019-13603 2024-11-21 13:25 2019-07-17 Show GitHub Exploit DB Packet Storm
223065 7.5 HIGH
Network 		altn mdaemon_email_server MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably incons… CWE-20
 Improper Input Validation  		CVE-2019-13612 2024-11-21 13:25 2019-07-16 Show GitHub Exploit DB Packet Storm
223066 8.8 HIGH
Network 		python-engineio_project python-engineio An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a vi… CWE-352
 Origin Validation Error 		CVE-2019-13611 2024-11-21 13:25 2019-07-16 Show GitHub Exploit DB Packet Storm
223067 5.9 MEDIUM
Network 		assaabloy hid_digitalpersona_4500_firmware There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force a… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2019-13604 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm
223068 7.8 HIGH
Local 		videolan
debian
canonical
opensuse 		vlc_media_player
debian_linux
ubuntu_linux
leap
backports_sle 		An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow a… CWE-787
CWE-191
 Out-of-bounds Write
 Integer Underflow (Wrap or Wraparound) 		CVE-2019-13602 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm
223069 9.8 CRITICAL
Network 		getvera vera_edge_firmware LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed… CWE-78
OS Command  		CVE-2019-13598 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm
223070 9.8 CRITICAL
Network 		sahipro sahi_pro _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possib… CWE-78
OS Command  		CVE-2019-13597 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm