Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228161 2.1 注意 Vtiger - vtiger CRM における特定ユーザのカレンダー項目を読まれる脆弱性 - CVE-2007-3601 2012-12-20 18:33 2007-05-31 Show GitHub Exploit DB Packet Storm
228162 4 警告 Vtiger - vtiger CRM の wordintegration コンポーネントにおけるフィールドレベルのセキュリティパーミッションを回避される脆弱性 - CVE-2007-3600 2012-12-20 18:33 2007-05-9 Show GitHub Exploit DB Packet Storm
228163 8.5 危険 Vtiger - vtiger CRM における連絡先情報をインポートされるなどの脆弱性 - CVE-2007-3599 2012-12-20 18:33 2007-02-9 Show GitHub Exploit DB Packet Storm
228164 5.5 警告 Vtiger - index.php の vtiger CRM における全ユーザ名などを取得される脆弱性 - CVE-2007-3598 2012-12-20 18:33 2007-02-5 Show GitHub Exploit DB Packet Storm
228165 6.5 警告 Vtiger - vtiger CRM の index.php における管理の変更を実行される脆弱性 - CVE-2007-3616 2012-12-20 18:33 2006-10-24 Show GitHub Exploit DB Packet Storm
228166 8.5 危険 Zen Cart - Zen Cart におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-3597 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
228167 7.5 危険 vbzoom - VBZooM の reply.php における SQL インジェクションの脆弱性 - CVE-2007-3588 2012-12-20 18:33 2007-07-5 Show GitHub Exploit DB Packet Storm
228168 7.5 危険 postnuke software foundation - PNphpBB2 の viewforum.php における SQL インジェクションの脆弱性 - CVE-2007-3584 2012-12-20 18:33 2007-07-5 Show GitHub Exploit DB Packet Storm
228169 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3580 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
228170 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3579 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224281 5.4 MEDIUM
Network 		grafana grafana public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field). CWE-79
Cross-site Scripting 		CVE-2019-13068 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224282 9.8 CRITICAL
Network 		f5 njs njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place. CWE-125
Out-of-bounds Read 		CVE-2019-13067 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224283 6.5 MEDIUM
Adjacent 		logitech unifying_receiver_firmware
k360_firmware 		Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a… CWE-200
Information Exposure 		CVE-2019-13055 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224284 6.5 MEDIUM
Adjacent 		logitech r500_firmware The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restrict… CWE-522
 Insufficiently Protected Credentials 		CVE-2019-13054 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224285 6.5 MEDIUM
Adjacent 		logitech unifying_receiver_firmware Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOT… NVD-CWE-noinfo
CVE-2019-13053 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224286 6.5 MEDIUM
Adjacent 		logitech unifying_receiver_firmware Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2019-13052 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224287 7.5 HIGH
Network 		gnupg
sks_keyserver_project
fedoraproject
opensuse
f5 		gnupg
sks_keyserver
fedora
leap
traffix_signaling_delivery_controller 		Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the… CWE-295
Improper Certificate Validation  		CVE-2019-13050 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224288 7.8 HIGH
Local 		toaruos_project toaruos An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows users to map arbitrary kernel pages into userland process space via TOARU_SYS_FUNC_MMAP, leading to escalation of privileges. CWE-190
 Integer Overflow or Wraparound 		CVE-2019-13049 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224289 5.5 MEDIUM
Local 		toaruos_project toaruos kernel/sys/syscall.c in ToaruOS through 1.10.9 allows a denial of service upon a critical error in certain sys_sbrk allocation patterns (involving PAGE_SIZE, and a value less than PAGE_SIZE). CWE-190
 Integer Overflow or Wraparound 		CVE-2019-13048 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm
224290 7.8 HIGH
Local 		toaruos_project toaruos kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allowing arbitrary kernel pages to be mapped into user land, leading to r… CWE-862
 Missing Authorization 		CVE-2019-13047 2024-11-21 13:24 2019-06-30 Show GitHub Exploit DB Packet Storm