Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228001	6.8	警告	yourfreescreamer	-	YourFreeScreamer における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3315	2012-12-20 18:19	2007-06-21	Show	GitHub Exploit DB Packet Storm

228002	7.5	危険	XOOPS	-	Xoops 用の Articles モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-3311	2012-12-20 18:19	2007-06-21	Show	GitHub Exploit DB Packet Storm

228003	4.3	警告	tdizin	-	TDizin の arama.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3310	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228004	7.5	危険	Simple Machines	-	SMF におけるメッセージの作成時に任意の PHP コードを実行され脆弱性	-	CVE-2007-3309	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228005	7.5	危険	Simple Machines	-	SMF における CAPTCHA テストを通過される脆弱性	-	CVE-2007-3308	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228006	7.5	危険	solar empire	-	Solar Empire の game_listing.php における SQL インジェクションの脆弱性	-	CVE-2007-3307	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228007	7.5	危険	ultrize	-	MiniBill の crontab/run_billing.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3306	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228008	7.5	危険	spey	-	Spey における SQL インジェクションの脆弱性	-	CVE-2007-3298	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228009	9.3	危険	迅雷	-	xunlei Web Thunderbolt の ThunderServer.webThunder.1 ActiveX コントロールにおける任意のファイルをダウンロードされる脆弱性	-	CVE-2007-3296	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

228010	6.5	警告	yabb	-	YaBB におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3295	2012-12-20 18:19	2007-06-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223381	7.8	HIGH Local	londontrustmedia	private_internet_access_vpn_client	A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The root_…	CWE-427 Uncontrolled Search Path Element	CVE-2019-12575	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223382	7.8	HIGH Local	londontrustmedia	private_internet_access_vpn_client	A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PI…	CWE-426 Untrusted Search Path	CVE-2019-12574	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223383	7.1	HIGH Local	londontrustmedia	private_internet_access_vpn_client	A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launc…	CWE-59 Link Following	CVE-2019-12573	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223384	7.1	HIGH Local	londontrustmedia	private_internet_access_vpn_client	A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When …	CWE-59 Link Following	CVE-2019-12571	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223385	5.9	MEDIUM Network	squid-cache debian fedoraproject opensuse canonical	squid debian_linux fedora leap ubuntu_linux	An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via u…	CWE-125 Out-of-bounds Read	CVE-2019-12529	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223386	8.8	HIGH Network	squid-cache fedoraproject debian canonical redhat	squid fedora debian_linux ubuntu_linux enterprise_linux enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus	An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the d…	CWE-787 Out-of-bounds Write	CVE-2019-12527	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223387	9.8	CRITICAL Network	squid-cache debian opensuse fedoraproject canonical	squid debian_linux leap fedora ubuntu_linux	An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tok…	CWE-787 Out-of-bounds Write	CVE-2019-12525	2024-11-21 13:23	2019-07-12	Show	GitHub Exploit DB Packet Storm

223388	6.1	MEDIUM Network	zohocorp	manageengine_assetexplorer	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName.	CWE-79 Cross-site Scripting	CVE-2019-12597	2024-11-21 13:23	2019-07-11	Show	GitHub Exploit DB Packet Storm

223389	6.1	MEDIUM Network	zohocorp	manageengine_assetexplorer	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType.	CWE-79 Cross-site Scripting	CVE-2019-12596	2024-11-21 13:23	2019-07-11	Show	GitHub Exploit DB Packet Storm

223390	6.1	MEDIUM Network	zohocorp	manageengine_assetexplorer	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter.	CWE-79 Cross-site Scripting	CVE-2019-12595	2024-11-21 13:23	2019-07-11	Show	GitHub Exploit DB Packet Storm