Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 8, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228701 | 5.8 | 警告 | x-diesel | - | Unreal Commander におけるユーザに危険なファイルを上書きまたは作成させる脆弱性 |
CWE-DesignError
|
CVE-2007-4546 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 228702 | 6.8 | 警告 | x-diesel | - | Unreal Commander におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2007-4545 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 228703 | 4.3 | 警告 | WordPress.org | - | WordPress MU の wp-newblog.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2007-4544 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 228704 | 4.3 | 警告 | university of minnesota | - | MapServer におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2007-4542 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 228705 | 6.8 | 警告 | skulltag team | - | Huffman 解凍アルゴリズムにおけるヒープベースのバッファオーバーフローの脆弱性 | - | CVE-2007-4537 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 228706 | 4.6 | 警告 | torrenttrader | - | TorrentTrader における任意の PHP コードを実行される脆弱性 | - | CVE-2007-4536 | 2012-12-20 18:33 | 2007-08-24 | Show | GitHub Exploit DB Packet Storm |
| 228707 | 4.3 | 警告 | vavoom | - | Vavoom の str.cpp におけるサービス運用妨害 (DoS) の脆弱性 | - | CVE-2007-4535 | 2012-12-20 18:33 | 2007-08-24 | Show | GitHub Exploit DB Packet Storm |
| 228708 | 7.5 | 危険 | vavoom | - | Vavoom の p_thinker.cpp におけるバッファオーバーフローの脆弱性 | - | CVE-2007-4534 | 2012-12-20 18:33 | 2007-08-24 | Show | GitHub Exploit DB Packet Storm |
| 228709 | 6.8 | 警告 | vavoom | - | Vavoom の sv_main.cpp におけるフォーマットストリングの脆弱性 | - | CVE-2007-4533 | 2012-12-20 18:33 | 2007-08-24 | Show | GitHub Exploit DB Packet Storm |
| 228710 | 4.3 | 警告 | TeamSpeak Systems GmbH | - | TeamSpeak Server におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2007-4530 | 2012-12-20 18:33 | 2007-08-24 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 8, 2026, 4:54 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 222341 | 4.3 |
MEDIUM
Network |
gitlab | gitlab | GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint. |
NVD-CWE-noinfo
|
CVE-2019-15594 | 2024-11-21 13:29 | 2020-02-15 | Show | GitHub Exploit DB Packet Storm |
| 222342 | 4.3 |
MEDIUM
Network |
gitlab | gitlab | GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline. |
NVD-CWE-noinfo
|
CVE-2019-15592 | 2024-11-21 13:29 | 2020-02-15 | Show | GitHub Exploit DB Packet Storm |
| 222343 | 9.8 |
CRITICAL
Network |
nodejs oracle debian redhat opensuse |
node.js graalvm communications_cloud_native_core_network_function_cloud_native_environment debian_linux enterprise_linux enterprise_linux_eus leap |
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons |
NVD-CWE-Other
|
CVE-2019-15606 | 2024-11-21 13:29 | 2020-02-8 | Show | GitHub Exploit DB Packet Storm |
| 222344 | 9.8 |
CRITICAL
Network |
nodejs debian fedoraproject opensuse redhat oracle |
node.js debian_linux fedora leap enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server software_collections enterprise_linux enterprise_linux_server… |
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed |
CWE-444
HTTP Request Smuggling |
CVE-2019-15605 | 2024-11-21 13:29 | 2020-02-8 | Show | GitHub Exploit DB Packet Storm |
| 222345 | 7.5 |
HIGH
Network |
nodejs debian opensuse redhat oracle |
node.js debian_linux leap software_collections enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus enterprise_linux graalvm communications_cloud_na… |
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate |
CWE-295
Improper Certificate Validation |
CVE-2019-15604 | 2024-11-21 13:29 | 2020-02-8 | Show | GitHub Exploit DB Packet Storm |
| 222346 | 7.8 |
HIGH
Local |
fortinet | forticlient | A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to run system commands under root privilege via injecting specially crafted "ExportL… |
NVD-CWE-noinfo
|
CVE-2019-15711 | 2024-11-21 13:29 | 2020-02-7 | Show | GitHub Exploit DB Packet Storm |
| 222347 | 4.9 |
MEDIUM
Network |
nextcloud opensuse suse |
nextcloud_server backports suse_linux_enterprise_server |
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders. |
CWE-20
Improper Input Validation |
CVE-2019-15624 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 222348 | 5.3 |
MEDIUM
Network |
nextcloud suse opensuse |
nextcloud_server package_hub backports_sle |
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disable… |
NVD-CWE-noinfo
|
CVE-2019-15623 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 222349 | 2.4 |
LOW
Physics |
nextcloud | nextcloud | Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries. |
CWE-89
SQL Injection |
CVE-2019-15622 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 222350 | 6.5 |
MEDIUM
Network |
nextcloud | nextcloud_server | Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link. |
CWE-281
Improper Preservation of Permissions |
CVE-2019-15621 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |