Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228621 5 警告 VideoLAN - VideoLAN VLC のブラウザプラグインにおける任意のファイルを上書きされる脆弱性 CWE-DesignError
CVE-2007-6683 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
228622 7.5 危険 VideoLAN - VideoLAN VLC の httpd_FileCallBack 関数 におけるフォーマットストリングの脆弱性 CWE-DesignError
CVE-2007-6682 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
228623 7.5 危険 VideoLAN - VideoLAN VLC の modules/demux/subtitle.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6681 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
228624 5 警告 uber uploader - UU の初期設定におけるアップロードに危険な拡張子を使用される脆弱性 CWE-16
環境設定 		CVE-2007-6676 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228625 4.3 警告 rapidshare - RapidShare Database の Default.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6674 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
228626 7.5 危険 phpcredo - PHCDownload の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6670 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
228627 4.3 警告 phpcredo - PHCDownload の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6669 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
228628 7.5 危険 Zenphoto - Zenphoto の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6666 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
228629 7.5 危険 webportal - WebPortal CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6664 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
228630 7.5 危険 pragmaticutopia - Joomla! 用の Pragmatic Utopia PU Arcade コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6663 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221941 5.3 MEDIUM
Network 		apache rocketmq In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a to… CWE-22
Path Traversal 		CVE-2019-17572 2024-11-21 13:32 2020-05-15 Show GitHub Exploit DB Packet Storm
221942 9.8 CRITICAL
Network 		apache cloudstack A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-17562 2024-11-21 13:32 2020-05-15 Show GitHub Exploit DB Packet Storm
221943 5.4 MEDIUM
Network 		apache syncope It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this mean, a user accessing the Enduser UI could execute javascript code… CWE-79
Cross-site Scripting 		CVE-2019-17557 2024-11-21 13:32 2020-05-4 Show GitHub Exploit DB Packet Storm
221944 5.4 MEDIUM
Network 		eleveo call_recording ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the (1) User Edit or (2) User Add form, (3) name field in the Role … CWE-79
Cross-site Scripting 		CVE-2019-18223 2024-11-21 13:32 2020-04-27 Show GitHub Exploit DB Packet Storm
221945 8.8 HIGH
Network 		dlink dir-615_firmware The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2019-17525 2024-11-21 13:32 2020-04-22 Show GitHub Exploit DB Packet Storm
221946 7.5 HIGH
Network 		fortinet fortiap-w2
fortiap-s
fortiswitch
fortianalyzer
fortimanager 		An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-17657 2024-11-21 13:32 2020-04-8 Show GitHub Exploit DB Packet Storm
221947 9.8 CRITICAL
Network 		apache dubbo Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance o… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-17564 2024-11-21 13:32 2020-04-2 Show GitHub Exploit DB Packet Storm
221948 7.5 HIGH
Network 		apache
oracle 		netbeans
graalvm 		The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and includin… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2019-17561 2024-11-21 13:32 2020-03-31 Show GitHub Exploit DB Packet Storm
221949 9.1 CRITICAL
Network 		apache
oracle 		netbeans
graalvm 		The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the downlo… CWE-295
Improper Certificate Validation  		CVE-2019-17560 2024-11-21 13:32 2020-03-31 Show GitHub Exploit DB Packet Storm
221950 5.4 MEDIUM
Network 		netapp oncommand_system_manager OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated attacker to inject arbitrary scr… CWE-79
Cross-site Scripting 		CVE-2019-17276 2024-11-21 13:32 2020-03-25 Show GitHub Exploit DB Packet Storm