Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228491	5	警告	XScreenSaver project	-	xscreensaver におけるロックされたセッションへのアクセス権を取得される脆弱性	CWE-399 リソース管理の問題	CVE-2007-5585	2012-12-20 18:33	2007-10-19	Show	GitHub Exploit DB Packet Storm

228492	7.5	危険	Pligg	-	Pligg CMS の login.php におけるユーザのパスワードを再設定される脆弱性	CWE-255 証明書・パスワード管理	CVE-2007-5579	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228493	7.5	危険	Secure Ideas	-	BASE における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2007-5578	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228494	4.3	警告	treble designs	-	1024 CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-5575	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228495	6.8	警告	phpdj	-	PHPDJ の djpage.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5574	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228496	4.3	警告	sphpblog	-	Simple PHP Blog におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-5572	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228497	2.6	注意	simple php forum	-	NSSboard におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5564	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228498	7.5	危険	VirtueMart	-	VirtueMart における任意の PHP コードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2007-5563	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

228499	6.9	警告	シマンテック	-	Symantec Altiris Deployment Solution における認証資格情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-5555	2012-12-20 18:33	2007-08-13	Show	GitHub Exploit DB Packet Storm

228500	9.3	危険	TIBCO Software	-	TIBCO SmartPGM FX におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5546	2012-12-20 18:33	2007-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214641	6.1	MEDIUM Network	zoneminder	zoneminder	skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.	CWE-79 Cross-site Scripting	CVE-2019-8426	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214642	6.1	MEDIUM Network	zoneminder	zoneminder	includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages.	CWE-79 Cross-site Scripting	CVE-2019-8425	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214643	9.8	CRITICAL Network	zoneminder	zoneminder	ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.	CWE-89 SQL Injection	CVE-2019-8424	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214644	9.8	CRITICAL Network	zoneminder	zoneminder	ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.	CWE-89 SQL Injection	CVE-2019-8423	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214645	7.2	HIGH Network	pbootcms	pbootcms	A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.	CWE-89 SQL Injection	CVE-2019-8422	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214646	7.2	HIGH Network	bagesoft	bagecms	upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.	CWE-89 SQL Injection	CVE-2019-8421	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214647	6.1	MEDIUM Network	vnote_project	vnote	VNote 2.2 has XSS via a new text note.	CWE-79 Cross-site Scripting	CVE-2019-8419	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214648	8.8	HIGH Network	seacms	seacms	SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.	NVD-CWE-noinfo	CVE-2019-8418	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214649	5.5	MEDIUM Local	mi	mi_mix_2_firmware	On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka d…	CWE-476 NULL Pointer Dereference	CVE-2019-8413	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm

214650	8.8	HIGH Network	feifeicms	feifeicms	FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal.	CWE-22 Path Traversal	CVE-2019-8412	2024-11-21 13:49	2019-02-18	Show	GitHub Exploit DB Packet Storm