Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228621	7.5	危険	ryan haudenschilt	-	PHP の Ryan Haudenschilt Battle.net Clan Script における SQL インジェクションの脆弱性	-	CVE-2007-1909	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

228622	4.3	警告	pineapple technologies	-	Pineapple Technologies QuizShock の auth.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1905	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

228623	2.6	注意	sonicbb	-	SonicBB の search.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1903	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

228624	6.8	警告	sonicbb	-	SonicBB における SQL インジェクションの脆弱性	-	CVE-2007-1902	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

228625	4.3	警告	sonicbb	-	SonicBB における重要な情報を取得される脆弱性	-	CVE-2007-1901	2012-12-20 18:19	2007-05-14	Show	GitHub Exploit DB Packet Storm

228626	6.5	警告	WordPress.org	-	WordPress の xmlrpc における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-1897	2012-12-20 18:19	2007-04-9	Show	GitHub Exploit DB Packet Storm

228627	5.8	警告	sky gunning	-	Sky GUNNING MySpeach の chat.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1896	2012-12-20 18:19	2007-04-9	Show	GitHub Exploit DB Packet Storm

228628	6.8	警告	sky gunning	-	Sky GUNNING MySpeach の chat.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1895	2012-12-20 18:19	2007-04-9	Show	GitHub Exploit DB Packet Storm

228629	4.3	警告	WordPress.org	-	WordPress の wp-includes/general-template.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1894	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

228630	4.9	警告	WordPress.org	-	WordPress の xmlrpc におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-1893	2012-12-20 18:19	2007-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223811	6.5	MEDIUM Network	cisco	spa112_firmware spa122_firmware	A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affec…	CWE-200 Information Exposure	CVE-2019-12708	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223812	6.1	MEDIUM Network	cisco	telepresence_video_communication_server	A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a c…	CWE-79 Cross-site Scripting	CVE-2019-12705	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223813	6.1	MEDIUM Network	cisco	sf250-24_firmware sf250-24p_firmware sf250-48_firmware sf250-48hp_firmware sf250-08_firmware sf250-08hp_firmware sf250-10p_firmware sf250-18_firmware sf250-26_firmware sf25…	A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a …	CWE-79 Cross-site Scripting	CVE-2019-12718	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223814	6.5	MEDIUM Network	cisco	spa112_firmware spa122_firmware	A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on …	CWE-22 Path Traversal	CVE-2019-12704	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223815	5.2	MEDIUM Adjacent	cisco	spa122_firmware	A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. The vulnerabil…	CWE-79 Cross-site Scripting	CVE-2019-12703	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223816	5.4	MEDIUM Network	cisco	spa112_firmware spa122_firmware	A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. Th…	CWE-79 Cross-site Scripting	CVE-2019-12702	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223817	5.4	MEDIUM Network	cisco	identity_services_engine	A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a use…	CWE-79 Cross-site Scripting	CVE-2019-12638	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223818	5.4	MEDIUM Network	cisco	identity_services_engine	Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks agai…	CWE-79 Cross-site Scripting	CVE-2019-12637	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223819	8.8	HIGH Network	cisco	sf250-24_firmware sf250-24p_firmware sf250-48_firmware sf250-48hp_firmware sf250-08_firmware sf250-08hp_firmware sf250-10p_firmware sf250-18_firmware sf250-26_firmware sf25…	A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF)…	CWE-352 Origin Validation Error	CVE-2019-12636	2024-11-21 13:23	2019-10-17	Show	GitHub Exploit DB Packet Storm

223820	7.5	HIGH Network	gluehome	glue_smart_lock_firmware	Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable.	CWE-862 Missing Authorization	CVE-2019-12944	2024-11-21 13:23	2019-10-15	Show	GitHub Exploit DB Packet Storm