Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228161 2.1 注意 Vtiger - vtiger CRM における特定ユーザのカレンダー項目を読まれる脆弱性 - CVE-2007-3601 2012-12-20 18:33 2007-05-31 Show GitHub Exploit DB Packet Storm
228162 4 警告 Vtiger - vtiger CRM の wordintegration コンポーネントにおけるフィールドレベルのセキュリティパーミッションを回避される脆弱性 - CVE-2007-3600 2012-12-20 18:33 2007-05-9 Show GitHub Exploit DB Packet Storm
228163 8.5 危険 Vtiger - vtiger CRM における連絡先情報をインポートされるなどの脆弱性 - CVE-2007-3599 2012-12-20 18:33 2007-02-9 Show GitHub Exploit DB Packet Storm
228164 5.5 警告 Vtiger - index.php の vtiger CRM における全ユーザ名などを取得される脆弱性 - CVE-2007-3598 2012-12-20 18:33 2007-02-5 Show GitHub Exploit DB Packet Storm
228165 6.5 警告 Vtiger - vtiger CRM の index.php における管理の変更を実行される脆弱性 - CVE-2007-3616 2012-12-20 18:33 2006-10-24 Show GitHub Exploit DB Packet Storm
228166 8.5 危険 Zen Cart - Zen Cart におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-3597 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
228167 7.5 危険 vbzoom - VBZooM の reply.php における SQL インジェクションの脆弱性 - CVE-2007-3588 2012-12-20 18:33 2007-07-5 Show GitHub Exploit DB Packet Storm
228168 7.5 危険 postnuke software foundation - PNphpBB2 の viewforum.php における SQL インジェクションの脆弱性 - CVE-2007-3584 2012-12-20 18:33 2007-07-5 Show GitHub Exploit DB Packet Storm
228169 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3580 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
228170 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3579 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223971 4.2 MEDIUM
Physics 		mi
sony
samsung
google
sharp
fujitsu 		mi_5s_plus_firmware
xperia_z4_firmware
galaxy_s6_edge_firmware
galaxy_s4_firmware
nexus_7_firmware
nexus_9_firmware
aquos_zeta_sh-04f_firmware
arrows_nx_f05-f_firmware 		Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface… NVD-CWE-noinfo
CVE-2019-12762 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223972 7.5 HIGH
Network 		python pyxdg A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.par… CWE-94
Code Injection 		CVE-2019-12761 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223973 7.5 HIGH
Network 		parso_project parso A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cach… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-12760 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223974 4.7 MEDIUM
Network 		chartkick_project chartkick The Chartkick gem through 3.1.0 for Ruby allows XSS. CWE-79
Cross-site Scripting 		CVE-2019-12732 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223975 7.5 HIGH
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the SubStr function (provided by the scripting engine) allows an attacker to cause a denial of servi… CWE-125
Out-of-bounds Read 		CVE-2019-12555 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223976 7.5 HIGH
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the WSubStr function (provided by the scripting engine) allows an attacker to cause a denial of serv… CWE-125
Out-of-bounds Read 		CVE-2019-12554 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223977 9.8 CRITICAL
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary mem… CWE-787
 Out-of-bounds Write 		CVE-2019-12553 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223978 8.8 HIGH
Network 		bludit bludit Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-12742 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223979 6.1 MEDIUM
Network 		fhir hapi_fhir XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cook… CWE-79
Cross-site Scripting 		CVE-2019-12741 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223980 6.1 MEDIUM
Network 		zohocorp manageengine_servicedesk_plus An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter. CWE-79
Cross-site Scripting 		CVE-2019-12543 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm