Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228621 4.3 警告 SAP - SAP NetWeaver Nw04 の BC-WD-JAV におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3496 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
228622 4.3 警告 SAP - SAP Basis コンポーネントの BC-MID-ICF におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3495 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
228623 7.5 危険 Progress Software Corporation - Progress Software OpenEdge の _mprosrv におけるバッファオーバーフローの脆弱性 - CVE-2007-3491 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
228624 4.3 警告 Yandex - Yandex Server におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3485 2012-12-20 18:19 2007-06-28 Show GitHub Exploit DB Packet Storm
228625 10 危険 BlackBerry - Research in Motion BlackBerry Enterprise Server におけるマルウェアを読み込む脆弱性 - CVE-2007-3483 2012-12-20 18:19 2007-06-28 Show GitHub Exploit DB Packet Storm
228626 7.8 危険 VideoLAN - VideoLAN VLC Media Player の input.c におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3468 2012-12-20 18:19 2007-06-27 Show GitHub Exploit DB Packet Storm
228627 7.8 危険 VideoLAN - VideoLAN VLC Media Player の stats.c における整数オーバーフローの脆弱性 - CVE-2007-3467 2012-12-20 18:19 2007-06-27 Show GitHub Exploit DB Packet Storm
228628 10 危険 sofaware - Check Point SofaWare Safe@Office における特定のデフォルトパスワードを含む脆弱性 - CVE-2007-3465 2012-12-20 18:19 2007-06-27 Show GitHub Exploit DB Packet Storm
228629 8.5 危険 sofaware - Check Point SofaWare Safe@Office における権限を取得される脆弱性 - CVE-2007-3464 2012-12-20 18:19 2007-06-27 Show GitHub Exploit DB Packet Storm
228630 6 警告 sofaware - Check Point SofaWare Safe@Office におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-3462 2012-12-20 18:19 2007-06-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224161 8.8 HIGH
Network 		layerbb layerbb LayerBB 1.1.3 allows conversations.php/cmd/new CSRF. CWE-352
 Origin Validation Error 		CVE-2019-13974 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224162 9.8 CRITICAL
Network 		layerbb layerbb LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename suffix is not restricted, and .php may be used. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-13973 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224163 6.1 MEDIUM
Network 		layerbb layerbb LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue to CVE-2019-17997. CWE-79
Cross-site Scripting 		CVE-2019-13972 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224164 6.1 MEDIUM
Network 		otcms otcms OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request. CWE-79
Cross-site Scripting 		CVE-2019-13971 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224165 6.1 MEDIUM
Network 		antsword_project antsword In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or modules/dat… CWE-79
Cross-site Scripting 		CVE-2019-13970 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224166 8.8 HIGH
Network 		metinfo metinfo Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request. CWE-89
SQL Injection 		CVE-2019-13969 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224167 9.8 CRITICAL
Network 		videolan
opensuse
debian
canonical 		vlc_media_player
leap
backports_sle
debian_linux
ubuntu_linux 		lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. CWE-125
Out-of-bounds Read 		CVE-2019-13962 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224168 8.8 HIGH
Network 		flatcore flatcore A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php. CWE-352
 Origin Validation Error 		CVE-2019-13961 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224169 5.5 MEDIUM
Local 		libjpeg-turbo libjpeg-turbo In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor'… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2019-13960 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm
224170 6.5 MEDIUM
Network 		axiosys bento4 In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186. CWE-476
 NULL Pointer Dereference 		CVE-2019-13959 2024-11-21 13:25 2019-07-19 Show GitHub Exploit DB Packet Storm