Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228061 4.3 警告 Trolltech - Trolltech Qt の QSslSocket における偽装サービスの無効なサーバ証明書を承認するようにユーザを騙す脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5965 2012-12-20 18:33 2008-01-7 Show GitHub Exploit DB Packet Storm
228062 4.3 警告 レッドハット - RHN および Red Hat Network Satellite で使用されている Red Hat Network チャンネル検索機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5961 2012-12-20 18:33 2008-05-20 Show GitHub Exploit DB Packet Storm
228063 6.5 警告 SoftbizScripts - Softbiz Ad Management plus Script の ads.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5998 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
228064 6.5 警告 SoftbizScripts - Softbiz Banner Exchange Network Script の campaign_stats.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5997 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
228065 7.5 危険 SoftbizScripts - Softbiz Link Directory Script の searchresult.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5996 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
228066 6.8 警告 php-tools - patBBcode の examples/patExampleGen/bbcodeSource.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5995 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
228067 6.8 警告 yappa-ng - Fritz Berger yappa-ng の check_noimage.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5994 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
228068 4.3 警告 vtls - VTLS vtls.web.gateway の Visionary Technology におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5993 2012-12-20 18:33 2007-11-15 Show GitHub Exploit DB Packet Storm
228069 6.8 警告 Skype Technologies S.A. - Skype の skype4com URI ハンドラにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2007-5989 2012-12-20 18:33 2007-12-13 Show GitHub Exploit DB Packet Storm
228070 4.3 警告 X7 Group - X7 Chat におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5982 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214391 7.8 HIGH
Local 		schneider-electric clearscada A CWE-287: Improper Authentication vulnerability exists in a folder within EcoStruxure Geo SCADA Expert (ClearSCADA) -with initial releases before 1 January 2019- which could cause a low privilege us… NVD-CWE-Other
CVE-2019-6854 2024-11-21 13:47 2020-01-7 Show GitHub Exploit DB Packet Storm
214392 9.1 CRITICAL
Network 		zohocorp manageengine_adselfservice_plus An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.6 Build 5607. An exposed service allows an unauthenticated person to retrieve internal information from the system and modify the pro… NVD-CWE-noinfo
CVE-2019-7162 2024-11-21 13:47 2020-01-1 Show GitHub Exploit DB Packet Storm
214393 5.5 MEDIUM
Local 		apple mac_os_x
iphone_os
watchos
tvos 		A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory. CWE-787
 Out-of-bounds Write 		CVE-2019-7293 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214394 6.5 MEDIUM
Network 		apple iphone_os
watchos
tvos
icloud
itunes
safari 		A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously … CWE-20
 Improper Input Validation  		CVE-2019-7292 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214395 10.0 CRITICAL
Network 		apple shortcuts An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions. CWE-610
Externally Controlled Reference to a Resource in Another Sphere 		CVE-2019-7290 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214396 5.5 MEDIUM
Local 		apple shortcuts A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user informat… CWE-22
Path Traversal 		CVE-2019-7289 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214397 7.8 HIGH
Local 		apple mac_os_x
iphone_os 		A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privil… CWE-787
 Out-of-bounds Write 		CVE-2019-7286 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214398 8.8 HIGH
Network 		apple iphone_os
tvos
icloud
itunes
safari 		A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing malicious… CWE-416
 Use After Free 		CVE-2019-7285 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214399 4.3 MEDIUM
Network 		apple iphone_os This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing. NVD-CWE-noinfo
CVE-2019-7284 2024-11-21 13:47 2019-12-19 Show GitHub Exploit DB Packet Storm
214400 5.4 MEDIUM
Network 		avaya ip_office_application_server A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product v… CWE-79
Cross-site Scripting 		CVE-2019-7004 2024-11-21 13:47 2019-12-12 Show GitHub Exploit DB Packet Storm