Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227921	7.5	危険	phpbg	-	phpBG における PHP リモートファイルインクルージョンの脆弱性	CWE-20 不適切な入力確認	CVE-2007-4636	2012-12-20 18:33	2007-08-31	Show	GitHub Exploit DB Packet Storm

227922	5	警告	Yahoo!	-	Yahoo! Messenger におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 CWE-20	CVE-2007-4635	2012-12-20 18:33	2007-08-31	Show	GitHub Exploit DB Packet Storm

227923	6.9	警告	qgit	-	QGit の dataloader.cpp における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2007-4631	2012-12-20 18:33	2007-08-31	Show	GitHub Exploit DB Packet Storm

227924	4.3	警告	xigla	-	Absolute Poll Manager XE の xlaapmview.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4630	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

227925	7.5	危険	university of minnesota	-	MapServer の maptemplate.c におけるバッファオーバーフローの脆弱性	-	CVE-2007-4629	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

227926	7.5	危険	phpns	-	phpns の shownews.php における SQL インジェクションの脆弱性	-	CVE-2007-4628	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

227927	5	警告	polipo	-	Polipo におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4626	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

227928	4.3	警告	polipo	-	Polipo におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4625	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

227929	7.5	危険	winterburns.co.uk	-	ePersonnel の protection.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4608	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

227930	7.5	危険	phpnuke-clan	-	PHP-Nuke 用の VWar モジュールにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4606	2012-12-20 18:33	2007-08-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223061	8.1	HIGH Network	libsdl debian opensuse fedoraproject canonical redhat	simple_directmedia_layer debian_linux leap backports_sle fedora ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux<…	SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.	CWE-125 Out-of-bounds Read	CVE-2019-13616	2024-11-21 13:25	2019-07-17	Show	GitHub Exploit DB Packet Storm

223062	5.5	MEDIUM Local	videolan	vlc_media_player	libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.	CWE-125 Out-of-bounds Read	CVE-2019-13615	2024-11-21 13:25	2019-07-17	Show	GitHub Exploit DB Packet Storm

223063	8.8	HIGH Network	control-webpanel	webpanel	In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-13605	2024-11-21 13:25	2019-07-17	Show	GitHub Exploit DB Packet Storm

223064	5.9	MEDIUM Network	hidglobal	digital_persona_u.are.u_4500_driver_firmware	An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vec…	CWE-330 Use of Insufficiently Random Values	CVE-2019-13603	2024-11-21 13:25	2019-07-17	Show	GitHub Exploit DB Packet Storm

223065	7.5	HIGH Network	altn	mdaemon_email_server	MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably incons…	CWE-20 Improper Input Validation	CVE-2019-13612	2024-11-21 13:25	2019-07-16	Show	GitHub Exploit DB Packet Storm

223066	8.8	HIGH Network	python-engineio_project	python-engineio	An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a vi…	CWE-352 Origin Validation Error	CVE-2019-13611	2024-11-21 13:25	2019-07-16	Show	GitHub Exploit DB Packet Storm

223067	5.9	MEDIUM Network	assaabloy	hid_digitalpersona_4500_firmware	There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force a…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2019-13604	2024-11-21 13:25	2019-07-15	Show	GitHub Exploit DB Packet Storm

223068	7.8	HIGH Local	videolan debian canonical opensuse	vlc_media_player debian_linux ubuntu_linux leap backports_sle	An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow a…	CWE-787 CWE-191 Out-of-bounds Write Integer Underflow (Wrap or Wraparound)	CVE-2019-13602	2024-11-21 13:25	2019-07-15	Show	GitHub Exploit DB Packet Storm

223069	9.8	CRITICAL Network	getvera	vera_edge_firmware	LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed…	CWE-78 OS Command	CVE-2019-13598	2024-11-21 13:25	2019-07-15	Show	GitHub Exploit DB Packet Storm

223070	9.8	CRITICAL Network	sahipro	sahi_pro	_s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possib…	CWE-78 OS Command	CVE-2019-13597	2024-11-21 13:25	2019-07-15	Show	GitHub Exploit DB Packet Storm