Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228151 10 危険 tinyirc - TinyIdentD におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2711 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
228152 6.8 警告 simple php scripts gallery - sphp の Ivan Peevski gallery における任意の PHP コードを実行される脆弱性 - CVE-2007-2679 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228153 7.5 危険 phpchess - phpChess Community Edition における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2677 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228154 7.5 危険 PreProject.com - Pre Classifieds Listings の search.php における SQL インジェクションの脆弱性 - CVE-2007-2675 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228155 7.5 危険 PreProject.com - Pre Shopping Mall の detail.php における SQL インジェクションの脆弱性 - CVE-2007-2674 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228156 7.5 危険 thinc4orce marketing group - PHP Coupon Script の index.php における SQL インジェクションの脆弱性 - CVE-2007-2672 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228157 6.8 警告 webdesproxy - webdesproxy におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2668 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228158 7.5 危険 tomasz rekawek - Yaap の includes/common.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2664 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228159 7.8 危険 precisionid barcode - PrecisionID_DataMatrix.DLL の PrecisionID Barcode ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2657 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228160 4.4 警告 SUSE
xfsdump		 - xfsdump の xfs_fsr における xfs ファイルシステム上で任意のファイルを上書きされる脆弱性 CWE-362
CWE-Other
CVE-2007-2654 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223371 4.2 MEDIUM
Physics 		mi
sony
samsung
google
sharp
fujitsu 		mi_5s_plus_firmware
xperia_z4_firmware
galaxy_s6_edge_firmware
galaxy_s4_firmware
nexus_7_firmware
nexus_9_firmware
aquos_zeta_sh-04f_firmware
arrows_nx_f05-f_firmware 		Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface… NVD-CWE-noinfo
CVE-2019-12762 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223372 7.5 HIGH
Network 		python pyxdg A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.par… CWE-94
Code Injection 		CVE-2019-12761 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223373 7.5 HIGH
Network 		parso_project parso A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cach… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-12760 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223374 4.7 MEDIUM
Network 		chartkick_project chartkick The Chartkick gem through 3.1.0 for Ruby allows XSS. CWE-79
Cross-site Scripting 		CVE-2019-12732 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223375 7.5 HIGH
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the SubStr function (provided by the scripting engine) allows an attacker to cause a denial of servi… CWE-125
Out-of-bounds Read 		CVE-2019-12555 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223376 7.5 HIGH
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the WSubStr function (provided by the scripting engine) allows an attacker to cause a denial of serv… CWE-125
Out-of-bounds Read 		CVE-2019-12554 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223377 9.8 CRITICAL
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary mem… CWE-787
 Out-of-bounds Write 		CVE-2019-12553 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223378 8.8 HIGH
Network 		bludit bludit Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-12742 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223379 6.1 MEDIUM
Network 		fhir hapi_fhir XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cook… CWE-79
Cross-site Scripting 		CVE-2019-12741 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223380 6.1 MEDIUM
Network 		zohocorp manageengine_servicedesk_plus An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter. CWE-79
Cross-site Scripting 		CVE-2019-12543 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm