Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228111 6.9 警告 winpcap - WinPcap の NPF.SYS における権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2007-5756 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
228112 6.8 警告 phpfaber - phpFaber URLInn の urlinn_includes/config.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5754 2012-12-20 18:33 2007-10-31 Show GitHub Exploit DB Packet Storm
228113 9 危険 wesnoth - Wesnoth 用の WML engine preprocessor におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5742 2012-12-20 18:33 2007-11-27 Show GitHub Exploit DB Packet Storm
228114 7.5 危険 Plone Foundation - Plone における任意の Python コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5741 2012-12-20 18:33 2007-11-7 Show GitHub Exploit DB Packet Storm
228115 7.5 危険 vergenet - Perdition Mail Retrieval Proxy の IMAPD における任意のコードを実行される脆弱性 CWE-134
書式文字列の問題 		CVE-2007-5740 2012-12-20 18:33 2007-10-31 Show GitHub Exploit DB Packet Storm
228116 6.4 警告 seeblick - SeeBlick の upload.php における任意のファイルをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5736 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
228117 4.3 警告 phpPgAdmin - phpPgAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5728 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
228118 4.3 警告 smart-shop - Smart-Shop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5725 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
228119 6.8 警告 profilecms - ProfileCMS の profiles スクリプトにおける任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5720 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
228120 4.9 警告 vobcopy - vobcopy における任意のファイルへデータを追加される脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-5718 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222261 8.8 HIGH
Network 		sentrifugo sentrifugo Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-15813 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222262 4.4 MEDIUM
Local 		systemd_project
fedoraproject
redhat 		systemd
fedora
enterprise_linux
openshift_container_platform
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux_server_update_services_… 		In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access… NVD-CWE-noinfo
CVE-2019-15718 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222263 7.5 HIGH
Network 		libexpat_project
python 		libexpat
python 		In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumn… CWE-125
CWE-776
Out-of-bounds Read
XML Entity Expansion 		CVE-2019-15903 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222264 5.6 MEDIUM
Local 		linux
debian
opensuse
netapp 		linux_kernel
debian_linux
leap
active_iq_performance_analytics_services
service_processor
baseboard_management_controller_firmware 		A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse … CWE-200
Information Exposure 		CVE-2019-15902 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222265 6.1 MEDIUM
Network 		nagios log_server Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page. CWE-79
Cross-site Scripting 		CVE-2019-15898 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222266 7.5 HIGH
Network 		varnish_cache_project
varnish-software
debian 		varnish_cache
debian_linux 		An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests… CWE-617
 Reachable Assertion 		CVE-2019-15892 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222267 6.1 MEDIUM
Network 		wpdownloadmanager wordpress_download_manager The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter. CWE-79
Cross-site Scripting 		CVE-2019-15889 2024-11-21 13:29 2019-09-4 Show GitHub Exploit DB Packet Storm
222268 8.8 HIGH
Network 		metagauss profilegrid The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php … CWE-94
Code Injection 		CVE-2019-15873 2024-11-21 13:29 2019-09-3 Show GitHub Exploit DB Packet Storm
222269 9.8 CRITICAL
Network 		wpbrigade loginpress The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. CWE-89
SQL Injection 		CVE-2019-15872 2024-11-21 13:29 2019-09-3 Show GitHub Exploit DB Packet Storm
222270 4.3 MEDIUM
Network 		wpbrigade loginpress The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. CWE-862
 Missing Authorization 		CVE-2019-15871 2024-11-21 13:29 2019-09-3 Show GitHub Exploit DB Packet Storm