Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228851 10 危険 トレンドマイクロ - Windows 用などの Trend Micro ServerProtect におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1070 2012-12-20 18:19 2007-02-15 Show GitHub Exploit DB Packet Storm
228852 7.8 危険 VMware - VMware Workstation のメモリ管理におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1069 2012-12-20 18:19 2007-05-2 Show GitHub Exploit DB Packet Storm
228853 6.8 警告 ultimate fun book - Ultimate Fun Book の function.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1059 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
228854 7.2 危険 VMware - VMware Workstation における制限された操作を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-1056 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
228855 4.3 警告 WordPress.org - WordPress 用の nonce AYS 機能におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1049 2012-12-20 18:19 2007-02-13 Show GitHub Exploit DB Packet Storm
228856 7.5 危険 phpbb wordsearch - phpbb_wordsearch の admin_rebuild_search.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1048 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
228857 5.8 警告 xpression news - X-News の news.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1042 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
228858 9.3 危険 sandh - S&H Computer Systems News Rover におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-1041 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
228859 7.5 危険 xpression news - X-News の archives.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1040 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
228860 5 警告 shemes.com - Shemes.com Grabit におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1038 2012-12-20 18:19 2007-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223201 8.8 HIGH
Network 		mirumee saleor In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server. CWE-352
 Origin Validation Error 		CVE-2019-13594 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm
223202 5.5 MEDIUM
Local 		sound_exchange_project sound_exchange An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro th… CWE-190
CWE-476
 Integer Overflow or Wraparound
 NULL Pointer Dereference 		CVE-2019-13590 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm
223203 9.8 CRITICAL
Network 		anjlab paranoid2 The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.1.5. CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2019-13589 2024-11-21 13:25 2019-07-15 Show GitHub Exploit DB Packet Storm
223204 8.8 HIGH
Network 		zoom zoom The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zo… CWE-78
OS Command  		CVE-2019-13567 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm
223205 7.8 HIGH
Local 		castlerock simple_network_management_protocol_console nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file. CWE-787
 Out-of-bounds Write 		CVE-2019-13494 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm
223206 7.8 HIGH
Local 		minimagick_project
debian 		minimagick
debian_linux 		In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts … CWE-78
OS Command  		CVE-2019-13574 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm
223207 6.1 MEDIUM
Network 		pingidentity agentless_integration_kit XSS exists in Ping Identity Agentless Integration Kit before 1.5. CWE-79
Cross-site Scripting 		CVE-2019-13564 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm
223208 8.8 HIGH
Network 		dlink dir-655_firmware D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console. CWE-352
 Origin Validation Error 		CVE-2019-13563 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm
223209 6.1 MEDIUM
Network 		dlink dir-655_firmware D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_s… CWE-79
Cross-site Scripting 		CVE-2019-13562 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm
223210 9.8 CRITICAL
Network 		dlink dir-655_firmware D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. CWE-78
OS Command  		CVE-2019-13561 2024-11-21 13:25 2019-07-12 Show GitHub Exploit DB Packet Storm