Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228411 7.5 危険 PreProject.com - Pre Shopping Mall の detail.php における SQL インジェクションの脆弱性 - CVE-2007-2674 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228412 7.5 危険 thinc4orce marketing group - PHP Coupon Script の index.php における SQL インジェクションの脆弱性 - CVE-2007-2672 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228413 6.8 警告 webdesproxy - webdesproxy におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2668 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228414 7.5 危険 tomasz rekawek - Yaap の includes/common.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2664 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228415 7.8 危険 precisionid barcode - PrecisionID_DataMatrix.DLL の PrecisionID Barcode ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2657 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228416 4.4 警告 SUSE
xfsdump		 - xfsdump の xfs_fsr における xfs ファイルシステム上で任意のファイルを上書きされる脆弱性 CWE-362
CWE-Other
CVE-2007-2654 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228417 7.5 危険 voodoo circle - VooDoo cIRCle におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2651 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228418 7.8 危険 t-com - T-com Speedport W 700v における遅延を回避される脆弱性 - CVE-2007-2649 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228419 6.8 警告 yenc32 - yEnc32 におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-2646 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
228420 5 警告 pinkcrow designs - PinkCrow Designs Gallery または maGAZIn の phpThumb.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2643 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223781 7.8 HIGH
Local 		symantec endpoint_protection Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege es… CWE-125
Out-of-bounds Read 		CVE-2019-12750 2024-11-21 13:23 2019-08-1 Show GitHub Exploit DB Packet Storm
223782 8.3 HIGH
Network 		polycom unified_communications_software
united_communications_software 		A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote… CWE-749
 Exposed Dangerous Method or Function 		CVE-2019-12948 2024-11-21 13:23 2019-07-30 Show GitHub Exploit DB Packet Storm
223783 5.3 MEDIUM
Network 		humhub social_network_kit HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-12743 2024-11-21 13:23 2019-07-30 Show GitHub Exploit DB Packet Storm
223784 5.5 MEDIUM
Local 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, an integer overflow during the initialization of variables could allow an attacker to cause a denial of service. CWE-190
 Integer Overflow or Wraparound 		CVE-2019-12552 2024-11-21 13:23 2019-07-23 Show GitHub Exploit DB Packet Storm
223785 5.5 MEDIUM
Local 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function (provided by the scripting engine) allows an attacker to overwrite arbitrary mem… CWE-787
 Out-of-bounds Write 		CVE-2019-12551 2024-11-21 13:23 2019-07-23 Show GitHub Exploit DB Packet Storm
223786 8.8 HIGH
Network 		wp-code-highlightjs_project wp-code-highlightjs An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hlj… CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2019-12934 2024-11-21 13:23 2019-07-20 Show GitHub Exploit DB Packet Storm
223787 9.8 CRITICAL
Network 		proftpd
fedoraproject
debian
siemens 		proftpd
fedora
debian_linux
simatic_cp_1543-1_firmware 		An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2019-12815 2024-11-21 13:23 2019-07-20 Show GitHub Exploit DB Packet Storm
223788 9.8 CRITICAL
Network 		zeroshell zeroshell Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exp… CWE-78
OS Command  		CVE-2019-12725 2024-11-21 13:23 2019-07-20 Show GitHub Exploit DB Packet Storm
223789 4.8 MEDIUM
Network 		jisiwei i3_firmware A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that … CWE-330
 Use of Insufficiently Random Values 		CVE-2019-12821 2024-11-21 13:23 2019-07-20 Show GitHub Exploit DB Packet Storm
223790 5.6 MEDIUM
Network 		jisiwei i3_firmware A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the s… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2019-12820 2024-11-21 13:23 2019-07-20 Show GitHub Exploit DB Packet Storm