Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228071 7.8 危険 Zenphoto - zenphoto の zen/template-functions.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-0616 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
228072 4.3 警告 W-Agora - Web-Agora におけるアプリケーションのパス情報を取得される脆弱性 - CVE-2007-0607 2012-12-20 18:19 2007-03-20 Show GitHub Exploit DB Packet Storm
228073 5 警告 W-Agora - w-agora における重要な情報を取得される脆弱性 - CVE-2007-0606 2012-12-20 18:19 2007-03-21 Show GitHub Exploit DB Packet Storm
228074 6.8 警告 シックス・アパート株式会社 - Movable Type におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0604 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
228075 6.9 警告 トレンドマイクロ - Linux 用の Trend Micro VirusWall におけるバッファオーバーフローの脆弱性 - CVE-2007-0602 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
228076 5 警告 siteman - Siteman におけるパスワードハッシュを含むデータベースをダウンロードされる脆弱性 - CVE-2007-0594 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
228077 5 警告 siteman - Siteman におけるパスワードハッシュを含むデータベースをダウンロードされる脆弱性 - CVE-2007-0593 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
228078 7.5 危険 vu le an - VirtualPath の configure.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0591 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
228079 9.3 危険 webfwlog - Webfwlog の include/debug.php におけるファイルのソースコードを取得される脆弱性 - CVE-2007-0585 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
228080 7.5 危険 xt-stats - Xt-Stats の xt_counter.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0576 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223221 9.8 CRITICAL
Network 		zzcms zzcms An issue was discovered in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter. CWE-89
SQL Injection 		CVE-2019-12348 2024-11-21 13:22 2021-05-25 Show GitHub Exploit DB Packet Storm
223222 7.5 HIGH
Network 		apache libapreq2 A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a d… CWE-476
 NULL Pointer Dereference 		CVE-2019-12412 2024-11-21 13:22 2020-11-19 Show GitHub Exploit DB Packet Storm
223223 6.5 MEDIUM
Adjacent 		actions-micro ezcast_pro_ii_firmware In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash can be cracked to access the administration panel of the device. NVD-CWE-noinfo
CVE-2019-12305 2024-11-21 13:22 2020-10-17 Show GitHub Exploit DB Packet Storm
223224 6.1 MEDIUM
Network 		whatsapp whatsapp_desktop An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message. CWE-79
Cross-site Scripting 		CVE-2019-11928 2024-11-21 13:22 2020-09-4 Show GitHub Exploit DB Packet Storm
223225 6.6 MEDIUM
Network 		hp mse_msg_gw_application_e-ltu HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application.… CWE-295
Improper Certificate Validation  		CVE-2019-12000 2024-11-21 13:22 2020-07-18 Show GitHub Exploit DB Packet Storm
223226 7.5 HIGH
Network 		apache ofbiz Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host CWE-74
Injection 		CVE-2019-12425 2024-11-21 13:22 2020-05-1 Show GitHub Exploit DB Packet Storm
223227 9.8 CRITICAL
Network 		hpe msa_1040_firmware
msa_2040_firmware
msa_2042_firmware
msa_1050_firmware
msa_2050_firmware
msa_2052_firmware 		A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE… NVD-CWE-noinfo
CVE-2019-12002 2024-11-21 13:22 2020-04-17 Show GitHub Exploit DB Packet Storm
223228 6.4 MEDIUM
Network 		hpe msa_1040_firmware
msa_2040_firmware
msa_2042_firmware
msa_1050_firmware
msa_2050_firmware
msa_2052_firmware 		A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE… CWE-613
 Insufficient Session Expiration 		CVE-2019-12001 2024-11-21 13:22 2020-04-17 Show GitHub Exploit DB Packet Storm
223229 6.9 MEDIUM
Network 		hpe opencall_media_platform Potential security vulnerabilities have been identified in HPE OpenCall Media Platform (OCMP) resulting in remote arbitrary file download and cross site scripting. HPE has made the following updates … CWE-79
Cross-site Scripting 		CVE-2019-11999 2024-11-21 13:22 2020-04-17 Show GitHub Exploit DB Packet Storm
223230 9.8 CRITICAL
Network 		3cx live_chat The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. CWE-862
 Missing Authorization 		CVE-2019-12498 2024-11-21 13:22 2020-03-21 Show GitHub Exploit DB Packet Storm