Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229001 7.5 危険 scriptdevelopers.net - NetClassifieds Premium Edition における SQL インジェクションの脆弱性 - CVE-2007-3354 2012-12-20 18:19 2007-06-22 Show GitHub Exploit DB Packet Storm
229002 4.3 警告 stephen ostermiller - Stephen Ostermiller Contact Form のプレビューフォームにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3352 2012-12-20 18:19 2007-06-22 Show GitHub Exploit DB Packet Storm
229003 7.8 危険 sj labs - SJPhone SIP ソフトフォンにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3351 2012-12-20 18:19 2007-06-22 Show GitHub Exploit DB Packet Storm
229004 4.3 警告 シックス・アパート株式会社 - MT におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3342 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
229005 7.5 危険 phpecho cms - PHPEcho CMS の管理パネルにおける SQL インジェクションの脆弱性 - CVE-2007-3335 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
229006 5 警告 PHPNUKE - PHP-Nuke 用の Satel Lite におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3332 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
229007 5 警告 stphp - STphp EasyNews におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-3331 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
229008 4.3 警告 stphp - STphp EasyNews におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3330 2012-12-20 18:19 2007-06-21 Show GitHub Exploit DB Packet Storm
229009 6.8 警告 xvid - Xvid の src/bitstream/mbcoding.c における任意のコードを実行される脆弱性 CWE-DesignError
CVE-2007-3329 2012-12-20 18:19 2007-04-28 Show GitHub Exploit DB Packet Storm
229010 9.3 危険 VideoLAN - VideoLAN VLC Media Player のプラグインにおけるフォーマットストリングの脆弱性 - CVE-2007-3316 2012-12-20 18:19 2007-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222681 8.8 HIGH
Network 		webmin webmin rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation stat… CWE-94
Code Injection 		CVE-2019-15642 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222682 6.5 MEDIUM
Network 		webmin webmin xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. By default, only root, admin, and sysadm can access xmlrpc.cgi. CWE-611
XXE 		CVE-2019-15641 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222683 7.5 HIGH
Network 		limesurvey limesurvey Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. CWE-20
 Improper Input Validation  		CVE-2019-15640 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222684 8.1 HIGH
Network 		tableau tableau_server
tableau_desktop
tableau_reader
tableau_public_desktop 		Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau … CWE-611
XXE 		CVE-2019-15637 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222685 9.8 CRITICAL
Network 		xm-online xm\^online_2_-_common_utils_and_endpoints XM^online 2 Common Utils and Endpoints 0.2.1 allows SQL injection, related to Constants.java, DropSchemaResolver.java, and SchemaChangeResolver.java. CWE-89
SQL Injection 		CVE-2019-15558 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222686 9.8 CRITICAL
Network 		xm-online xm\^online_2_user_account_and_authentication_server XM^online 2 User Account and Authentication server 1.0.0 allows SQL injection via a tenant key. CWE-89
SQL Injection 		CVE-2019-15557 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222687 9.8 CRITICAL
Network 		wellness_project wellness FredReinink Wellness-app before 2019-06-19 allows SQL injection, related to dietTrack.php, exerciseGenerator.php, fitnessTrack.php, and server.php. CWE-89
SQL Injection 		CVE-2019-15555 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222688 9.8 CRITICAL
Network 		reviews_module_project reviews_module The Reviews Module before 2019-06-14 for OpenSource Table allows SQL injection in database/index.js. CWE-89
SQL Injection 		CVE-2019-15560 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222689 9.8 CRITICAL
Network 		hawn_project hawn DianoxDragon Hawn before 2019-07-10 allows SQL injection. CWE-89
SQL Injection 		CVE-2019-15559 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm
222690 9.8 CRITICAL
Network 		cipsoft gesior-aac Gesior-AAC before 2019-05-01 allows serviceID SQL injection in accountmanagement.php. CWE-89
SQL Injection 		CVE-2019-15574 2024-11-21 13:29 2019-08-27 Show GitHub Exploit DB Packet Storm