Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228681 7.5 危険 Simple Machines - SMF におけるメッセージの作成時に任意の PHP コードを実行され脆弱性 - CVE-2007-3309 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228682 7.5 危険 Simple Machines - SMF における CAPTCHA テストを通過される脆弱性 - CVE-2007-3308 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228683 7.5 危険 solar empire - Solar Empire の game_listing.php における SQL インジェクションの脆弱性 - CVE-2007-3307 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228684 7.5 危険 ultrize - MiniBill の crontab/run_billing.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3306 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228685 7.5 危険 spey - Spey における SQL インジェクションの脆弱性 - CVE-2007-3298 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228686 9.3 危険 迅雷 - xunlei Web Thunderbolt の ThunderServer.webThunder.1 ActiveX コントロールにおける任意のファイルをダウンロードされる脆弱性 - CVE-2007-3296 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228687 6.5 警告 yabb - YaBB におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3295 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228688 7.5 危険 XOOPS - XOOPS 用の WiwiMod モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3289 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228689 4.3 警告 skeltoac - WordPress 用の Automattic Stats プラグインにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3288 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
228690 6.8 警告 サン・マイクロシステムズ - Sun Solaris の GNOME XScreenSaver におけるコンソールへアクセスされる脆弱性 - CVE-2007-3283 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222361 4.3 MEDIUM
Network 		nextcloud circles Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle. NVD-CWE-Other
CVE-2019-15610 2024-11-21 13:29 2020-02-5 Show GitHub Exploit DB Packet Storm
222362 5.4 MEDIUM
Network 		nodered node-red A stored XSS vulnerability is present within node-red (version: <= 0.20.7) npm package, which is a visual tool for wiring the Internet of Things. This issue will allow the attacker to steal session c… CWE-79
Cross-site Scripting 		CVE-2019-15607 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222363 7.5 HIGH
Network 		gitlab gitlab An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the G… NVD-CWE-Other
CVE-2019-15590 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222364 6.1 MEDIUM
Network 		gitlab gitlab A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. CWE-79
Cross-site Scripting 		CVE-2019-15586 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222365 9.8 CRITICAL
Network 		gitlab gitlab Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted … CWE-287
Improper Authentication 		CVE-2019-15585 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222366 7.5 HIGH
Network 		gitlab gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, th… CWE-200
Information Exposure 		CVE-2019-15583 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222367 5.3 MEDIUM
Network 		gitlab gitlab An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-15582 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222368 5.3 MEDIUM
Network 		gitlab gitlab An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group vi… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-15581 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222369 5.3 MEDIUM
Network 		gitlab gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project … NVD-CWE-noinfo
CVE-2019-15579 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm
222370 5.3 MEDIUM
Network 		gitlab gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). The path of a private project, that used to be public, would be di… CWE-200
Information Exposure 		CVE-2019-15578 2024-11-21 13:29 2020-01-28 Show GitHub Exploit DB Packet Storm