Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229081	5	警告	シマンテック	-	Symantec Ghost Solution Suite におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3132	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

229082	4.3	警告	publicwarehouse	-	Light Blog の add_comment.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3131	2012-12-20 18:19	2007-06-8	Show	GitHub Exploit DB Packet Storm

229083	2.6	注意	Utopia Software	-	Utopia News Pro の login.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3129	2012-12-20 18:19	2007-06-19	Show	GitHub Exploit DB Packet Storm

229084	5	警告	The GIMP Team	-	Gimp におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3126	2012-12-20 18:19	2007-06-7	Show	GitHub Exploit DB Packet Storm

229085	7.5	危険	zapping	-	Zapping VBI Library の zvbi-ntsc-cc ツールにおけるバッファオーバーフローの脆弱性	-	CVE-2007-3121	2012-12-20 18:19	2007-06-7	Show	GitHub Exploit DB Packet Storm

229086	6.8	警告	The Cacti Group	-	Cacti におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3113	2012-12-20 18:19	2007-05-22	Show	GitHub Exploit DB Packet Storm

229087	7.8	危険	The Cacti Group	-	Cacti におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3112	2012-12-20 18:19	2007-05-22	Show	GitHub Exploit DB Packet Storm

229088	9	危険	シマンテック	-	Symantec Client Security および SAV CE などで使用される Symantec Reporting Server における "認証システムを無効にされる" 脆弱性	-	CVE-2007-3095	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

229089	7.8	危険	rainbowsoft	-	Z-Blog におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-3083	2012-12-20 18:19	2007-06-6	Show	GitHub Exploit DB Packet Storm

229090	7.8	危険	sendcard	-	Sendcard の sendcard.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3082	2012-12-20 18:19	2007-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222481	9.8	CRITICAL Network	dlink	dir-655_firmware dir-866l_firmware dir-652_firmware dhp-1565_firmware dir-855l_firmware dap-1533_firmware dir-862l_firmware dir-615_firmware dir-835_firmware dir-825_firmwa…	Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device c…	CWE-78 OS Command	CVE-2019-16920	2024-11-21 13:31	2019-09-27	Show	GitHub Exploit DB Packet Storm

222482	9.8	CRITICAL Network	netgate	pfsense	An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_c…	CWE-22 Path Traversal	CVE-2019-16915	2024-11-21 13:31	2019-09-27	Show	GitHub Exploit DB Packet Storm

222483	6.1	MEDIUM Network	netgate	pfsense	An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.	CWE-79 Cross-site Scripting	CVE-2019-16914	2024-11-21 13:31	2019-09-27	Show	GitHub Exploit DB Packet Storm

222484	9.8	CRITICAL Network	inoideas	inoerp	download.php in inoERP 4.15 allows SQL injection through insecure deserialization.	CWE-89 CWE-502 SQL Injection Deserialization of Untrusted Data	CVE-2019-16894	2024-11-21 13:31	2019-09-27	Show	GitHub Exploit DB Packet Storm

222485	7.5	HIGH Network	netty debian canonical redhat	netty debian_linux ubuntu_linux jboss_enterprise_application_platform	Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.	CWE-444 HTTP Request Smuggling	CVE-2019-16869	2024-11-21 13:31	2019-09-27	Show	GitHub Exploit DB Packet Storm

222486	9.8	CRITICAL Network	bmc	myit_digital_workplace	BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Opera…	CWE-502 Deserialization of Untrusted Data	CVE-2019-16755	2024-11-21 13:31	2019-09-27	Show	GitHub Exploit DB Packet Storm

222487	5.3	MEDIUM Network	arm fedoraproject debian	mbed_crypto mbed_tls fedora debian_linux	Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private…	NVD-CWE-noinfo	CVE-2019-16910	2024-11-21 13:31	2019-09-26	Show	GitHub Exploit DB Packet Storm

222488	5.4	MEDIUM Network	teampass	teampass	TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. (The crafted password is exploitable when viewing the ch…	CWE-79 Cross-site Scripting	CVE-2019-16904	2024-11-21 13:31	2019-09-26	Show	GitHub Exploit DB Packet Storm

222489	5.3	MEDIUM Network	plutinosoft	platinum	Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead.	CWE-22 Path Traversal	CVE-2019-16903	2024-11-21 13:31	2019-09-26	Show	GitHub Exploit DB Packet Storm

222490	5.3	MEDIUM Network	mediawiki fedoraproject debian	mediawiki fedora debian_linux	In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.	CWE-862 Missing Authorization	CVE-2019-16738	2024-11-21 13:31	2019-09-26	Show	GitHub Exploit DB Packet Storm