Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229011 7.5 危険 XOOPS - Xoops における SQL インジェクションの脆弱性 - CVE-2007-0377 2012-12-20 18:19 2007-01-19 Show GitHub Exploit DB Packet Storm
229012 6.8 警告 VirtueMart - Virtuemart におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0376 2012-12-20 18:19 2007-01-19 Show GitHub Exploit DB Packet Storm
229013 7.5 危険 phpbp - phpBP の index.php における upload/banners/ ファイルに任意の PHP コードを挿入される脆弱性 - CVE-2007-0370 2012-12-20 18:19 2007-01-19 Show GitHub Exploit DB Packet Storm
229014 7.5 危険 phpbp - phpBP における SQL インジェクションの脆弱性 - CVE-2007-0369 2012-12-20 18:19 2007-01-19 Show GitHub Exploit DB Packet Storm
229015 7.5 危険 uberghey - Uberghey CMS の frontpage.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0359 2012-12-20 18:19 2007-01-18 Show GitHub Exploit DB Packet Storm
229016 6.2 警告 zonelabs - Microsoft Windows XP および Windows Server 2003 における権限を取得される脆弱性 - CVE-2007-0351 2012-12-20 18:19 2007-01-18 Show GitHub Exploit DB Packet Storm
229017 7.5 危険 sme - SmE FileMailer の index.php および dl.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-0350 2012-12-20 18:19 2007-01-18 Show GitHub Exploit DB Packet Storm
229018 7.5 危険 sme - SmE FileMailer の index.php における SQL インジェクションの脆弱性 - CVE-2007-0346 2012-12-20 18:19 2007-01-17 Show GitHub Exploit DB Packet Storm
229019 6.8 警告 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0341 2012-12-20 18:19 2007-01-17 Show GitHub Exploit DB Packet Storm
229020 7.5 危険 thwboard - ThWboard の inc/header.inc.php における SQL インジェクションの脆弱性 - CVE-2007-0340 2012-12-20 18:19 2007-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223141 7.5 HIGH
Network 		simple_service_discovery_protocol_responder_project simple_service_discovery_protocol_responder SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is … CWE-787
CWE-193
 Out-of-bounds Write
 Off-by-one Error 		CVE-2019-14323 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223142 7.5 HIGH
Network 		palletsprojects werkzeug In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. CWE-22
Path Traversal 		CVE-2019-14322 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223143 6.1 MEDIUM
Network 		sunhater kcfinder A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditor… CWE-79
Cross-site Scripting 		CVE-2019-14315 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223144 5.4 MEDIUM
Network 		veeam one_reporter Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. CWE-79
Cross-site Scripting 		CVE-2019-14298 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223145 5.4 MEDIUM
Network 		veeam one_reporter Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. CWE-79
Cross-site Scripting 		CVE-2019-14297 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223146 7.8 HIGH
Local 		upx_project upx canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-14296 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223147 5.5 MEDIUM
Local 		upx_project upx An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section … CWE-190
 Integer Overflow or Wraparound 		CVE-2019-14295 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223148 5.5 MEDIUM
Local 		glyphandcog xpdfreader An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. CWE-125
CWE-416
Out-of-bounds Read
 Use After Free 		CVE-2019-14294 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223149 5.5 MEDIUM
Local 		glyphandcog xpdfreader An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. CWE-125
Out-of-bounds Read 		CVE-2019-14293 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm
223150 5.5 MEDIUM
Local 		glyphandcog xpdfreader An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. CWE-125
Out-of-bounds Read 		CVE-2019-14292 2024-11-21 13:26 2019-07-28 Show GitHub Exploit DB Packet Storm