Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228571	7.2	危険	secustick	-	Secustick USB フラッシュドライブの USB20.dll における認証要件を回避される脆弱性	-	CVE-2007-2023	2012-12-20 18:19	2007-04-13	Show	GitHub Exploit DB Packet Storm

228572	7.5	危険	pineapple technologies	-	Pineapple Technologies Lore における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2021	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

228573	7.5	危険	tomex	-	phpGalleryScript の init.gallery.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2019	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

228574	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の mysql/phpinfo.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2016	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

228575	6.8	警告	request it	-	Request It の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2015	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

228576	6.8	警告	simpcms	-	SimpCMS Light の filename.asp における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2009	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

228577	7.5	危険	pl-php	-	pL-PHP の admin.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2008	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

228578	10	危険	stephen craton	-	Stephen Craton Chatness の admin/options.php における classes/vars.php などの設定ファイルを読まれる脆弱性	-	CVE-2007-2147	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

228579	7.5	危険	shoutpro	-	ShoutPro の shoutbox.php における shouts.php へ任意の PHP コードを挿入される脆弱性	-	CVE-2007-2141	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

228580	7.5	危険	rha7 downloads	-	XOOPS 用の rha7downloads モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2107	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222571	6.1	MEDIUM Network	openfind	mail2000	The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerabili…	CWE-79 Cross-site Scripting	CVE-2019-15072	2024-11-21 13:27	2019-11-20	Show	GitHub Exploit DB Packet Storm

222572	6.1	MEDIUM Network	openfind	mail2000	The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The co…	CWE-79 Cross-site Scripting	CVE-2019-15071	2024-11-21 13:27	2019-11-20	Show	GitHub Exploit DB Packet Storm

222573	6.1	MEDIUM Network	getmailbird	mailbird	Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. This v…	CWE-79 Cross-site Scripting	CVE-2019-15054	2024-11-21 13:27	2019-11-19	Show	GitHub Exploit DB Packet Storm

222574	8.8	HIGH Network	artifex fedoraproject opensuse	ghostscript fedora leap	A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restricti…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-14869	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

222575	10.0	CRITICAL Network	sas	xml_mapper base_sas	SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Serve…	CWE-611 XXE	CVE-2019-14678	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

222576	7.5	HIGH Network	dpdk redhat fedoraproject	data_plane_development_kit enterprise_linux_fast_datapath openstack virtualization_eus fedora	A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2019-14818	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

222577	7.8	HIGH Local	intel	nuvoton_consumer_infrared	Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-276 Incorrect Default Permissions	CVE-2019-14602	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

222578	6.5	MEDIUM Network	redhat	syndesis fuse	It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further acce…	NVD-CWE-Other	CVE-2019-14860	2024-11-21 13:27	2019-11-9	Show	GitHub Exploit DB Packet Storm

222579	6.5	MEDIUM Network	fedoraproject redhat debian	389_directory_server enterprise_linux debian_linux	A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to vie…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-14824	2024-11-21 13:27	2019-11-9	Show	GitHub Exploit DB Packet Storm

222580	4.3	MEDIUM Network	atlassian	troubleshooting_and_support jira bitbucket confluence crowd fisheye crucible bamboo	The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to…	CWE-862 Missing Authorization	CVE-2019-15005	2024-11-21 13:27	2019-11-8	Show	GitHub Exploit DB Packet Storm