Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227941	6.4	警告	qt-cute	-	QuickTalk フォーラムにおけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3505	2012-12-20 18:19	2007-07-2	Show	GitHub Exploit DB Packet Storm

227942	10	危険	xeforum	-	Xeweb XEForum における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-3500	2012-12-20 18:19	2007-06-29	Show	GitHub Exploit DB Packet Storm

227943	6.4	警告	slackroll	-	SlackRoll におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3499	2012-12-20 18:19	2007-06-29	Show	GitHub Exploit DB Packet Storm

227944	4.3	警告	SAP	-	SAP NetWeaver Nw04 の BC-WD-JAV におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3496	2012-12-20 18:19	2007-06-29	Show	GitHub Exploit DB Packet Storm

227945	4.3	警告	SAP	-	SAP Basis コンポーネントの BC-MID-ICF におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3495	2012-12-20 18:19	2007-06-29	Show	GitHub Exploit DB Packet Storm

227946	7.5	危険	Progress Software Corporation	-	Progress Software OpenEdge の _mprosrv におけるバッファオーバーフローの脆弱性	-	CVE-2007-3491	2012-12-20 18:19	2007-06-29	Show	GitHub Exploit DB Packet Storm

227947	4.3	警告	Yandex	-	Yandex Server におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3485	2012-12-20 18:19	2007-06-28	Show	GitHub Exploit DB Packet Storm

227948	10	危険	BlackBerry	-	Research in Motion BlackBerry Enterprise Server におけるマルウェアを読み込む脆弱性	-	CVE-2007-3483	2012-12-20 18:19	2007-06-28	Show	GitHub Exploit DB Packet Storm

227949	7.8	危険	VideoLAN	-	VideoLAN VLC Media Player の input.c におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3468	2012-12-20 18:19	2007-06-27	Show	GitHub Exploit DB Packet Storm

227950	7.8	危険	VideoLAN	-	VideoLAN VLC Media Player の stats.c における整数オーバーフローの脆弱性	-	CVE-2007-3467	2012-12-20 18:19	2007-06-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223311	8.1	HIGH Network	ttlock	ttlock	TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2019-12943	2024-11-21 13:23	2019-09-11	Show	GitHub Exploit DB Packet Storm

223312	6.5	MEDIUM Adjacent	ttlock	ttlock	TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable.	CWE-862 Missing Authorization	CVE-2019-12942	2024-11-21 13:23	2019-09-11	Show	GitHub Exploit DB Packet Storm

223313	5.3	MEDIUM Network	mendix	mendix	In Mendix 7.23.5 and earlier, issue in XML import mappings allow DOCTYPE declarations in the XML input that is potentially unsafe.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-12996	2024-11-21 13:23	2019-09-11	Show	GitHub Exploit DB Packet Storm

223314	7.8	HIGH Local	cisco	jabber	A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code o…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-12645	2024-11-21 13:23	2019-09-5	Show	GitHub Exploit DB Packet Storm

223315	6.1	MEDIUM Network	cisco	identity_services_engine	A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack a…	CWE-79 Cross-site Scripting	CVE-2019-12644	2024-11-21 13:23	2019-09-5	Show	GitHub Exploit DB Packet Storm

223316	4.3	MEDIUM Network	cisco	content_security_management_appliance	A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulne…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-12635	2024-11-21 13:23	2019-09-5	Show	GitHub Exploit DB Packet Storm

223317	7.5	HIGH Network	cisco	unified_contact_center_express	A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-12633	2024-11-21 13:23	2019-09-5	Show	GitHub Exploit DB Packet Storm

223318	7.5	HIGH Network	cisco	finesse	A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerabi…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-12632	2024-11-21 13:23	2019-09-5	Show	GitHub Exploit DB Packet Storm

223319	6.5	MEDIUM Adjacent	espressif	esp-idf arduino-esp32 esp8266_nonos_sdk	The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows…	NVD-CWE-noinfo	CVE-2019-12586	2024-11-21 13:23	2019-09-5	Show	GitHub Exploit DB Packet Storm

223320	6.5	MEDIUM Adjacent	espressif	esp8266_nonos_sdk arduino_esp8266	The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association…	CWE-20 Improper Input Validation	CVE-2019-12588	2024-11-21 13:23	2019-09-4	Show	GitHub Exploit DB Packet Storm