Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228091 9.3 危険 zenturi - Zenturi ProgramChecker の sasatl.dll におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2987 2012-12-20 18:19 2007-06-1 Show GitHub Exploit DB Packet Storm
228092 7.8 危険 techno dreams - Techno Dreams Web Directory / Search Engine におけるデータベースをダウンロードされる脆弱性 - CVE-2007-2979 2012-12-20 18:19 2007-05-31 Show GitHub Exploit DB Packet Storm
228093 7.5 危険 Wanewsletter - WAnewsletter の newsletter.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2969 2012-12-20 18:19 2007-05-31 Show GitHub Exploit DB Packet Storm
228094 7.5 危険 scallywag.org - Scallywag におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2960 2012-12-20 18:19 2007-05-31 Show GitHub Exploit DB Packet Storm
228095 6.8 警告 sylpheed-claws
Sylpheed		 - Sylpheed および Sylpheed-Claws の src/inc.c におけるフォーマットストリングの脆弱性 - CVE-2007-2958 2012-12-20 18:19 2007-08-27 Show GitHub Exploit DB Packet Storm
228096 6.8 警告 シマンテック - Norton AntiVirus などの製品で使用される NavComUI.dll における任意のコードを実行される脆弱性 - CVE-2007-2955 2012-12-20 18:19 2007-08-9 Show GitHub Exploit DB Packet Storm
228097 5 警告 rmforum - RMForum におけるデータベースをダウンロードされる脆弱性 - CVE-2007-2945 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
228098 5 警告 wabcms - WabCMS におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-2944 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
228099 6.8 警告 webavis - Webavis の class/class.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2943 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
228100 7.5 危険 troforum - TROforum の admin/admin.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2937 2012-12-20 18:19 2007-05-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223421 6.6 MEDIUM
Network 		hp mse_msg_gw_application_e-ltu HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application.… CWE-295
Improper Certificate Validation  		CVE-2019-12000 2024-11-21 13:22 2020-07-18 Show GitHub Exploit DB Packet Storm
223422 7.5 HIGH
Network 		apache ofbiz Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host CWE-74
Injection 		CVE-2019-12425 2024-11-21 13:22 2020-05-1 Show GitHub Exploit DB Packet Storm
223423 9.8 CRITICAL
Network 		hpe msa_1040_firmware
msa_2040_firmware
msa_2042_firmware
msa_1050_firmware
msa_2050_firmware
msa_2052_firmware 		A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE… NVD-CWE-noinfo
CVE-2019-12002 2024-11-21 13:22 2020-04-17 Show GitHub Exploit DB Packet Storm
223424 6.4 MEDIUM
Network 		hpe msa_1040_firmware
msa_2040_firmware
msa_2042_firmware
msa_1050_firmware
msa_2050_firmware
msa_2052_firmware 		A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE… CWE-613
 Insufficient Session Expiration 		CVE-2019-12001 2024-11-21 13:22 2020-04-17 Show GitHub Exploit DB Packet Storm
223425 6.9 MEDIUM
Network 		hpe opencall_media_platform Potential security vulnerabilities have been identified in HPE OpenCall Media Platform (OCMP) resulting in remote arbitrary file download and cross site scripting. HPE has made the following updates … CWE-79
Cross-site Scripting 		CVE-2019-11999 2024-11-21 13:22 2020-04-17 Show GitHub Exploit DB Packet Storm
223426 9.8 CRITICAL
Network 		3cx live_chat The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. CWE-862
 Missing Authorization 		CVE-2019-12498 2024-11-21 13:22 2020-03-21 Show GitHub Exploit DB Packet Storm
223427 9.8 CRITICAL
Network 		onap open_network_automation_platform In ONAP OOM through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services witho… CWE-306
Missing Authentication for Critical Function 		CVE-2019-12127 2024-11-21 13:22 2020-03-20 Show GitHub Exploit DB Packet Storm
223428 9.8 CRITICAL
Network 		onap open_network_automation_platform In ONAP DCAE through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services with… CWE-306
Missing Authentication for Critical Function 		CVE-2019-12126 2024-11-21 13:22 2020-03-20 Show GitHub Exploit DB Packet Storm
223429 9.8 CRITICAL
Network 		onap open_network_automation_platform In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services w… CWE-306
Missing Authentication for Critical Function 		CVE-2019-12125 2024-11-21 13:22 2020-03-20 Show GitHub Exploit DB Packet Storm
223430 6.1 MEDIUM
Network 		apache deltaspike we got reports for 2 injection attacks against the DeltaSpike windowhandler.js. This is only active if a developer selected the ClientSideWindowStrategy which is not the default. CWE-74
Injection 		CVE-2019-12416 2024-11-21 13:22 2020-03-20 Show GitHub Exploit DB Packet Storm