Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229081 4.3 警告 qdig - Qdig におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0876 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
229082 5 警告 plain old webserver - Mozilla Firefox 用の POW アドオンにおけるディレクトリトラバーサルの脆弱性 - CVE-2007-0872 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
229083 5 警告 Yahoo! - Yahoo! Messenger の Chat Room 機能におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0868 2012-12-20 18:19 2007-02-9 Show GitHub Exploit DB Packet Storm
229084 7.5 危険 site-assistant - Site-Assistant の classes/menu.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0867 2012-12-20 18:19 2007-02-9 Show GitHub Exploit DB Packet Storm
229085 6.8 警告 RARLAB - WinRAR などの製品に同梱されている RARLabs Unrar におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-0855 2012-12-20 18:19 2007-02-8 Show GitHub Exploit DB Packet Storm
229086 7.5 危険 techexcel inc. - DevTrack における SQL インジェクションの脆弱性 - CVE-2007-0853 2012-12-20 18:19 2007-02-8 Show GitHub Exploit DB Packet Storm
229087 6.8 警告 techexcel inc. - DevTrack におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0852 2012-12-20 18:19 2007-02-8 Show GitHub Exploit DB Packet Storm
229088 7.5 危険 syscp team - SysCP の scripts/cronscript.php における任意のコードを実行される脆弱性 - CVE-2007-0850 2012-12-20 18:19 2007-02-8 Show GitHub Exploit DB Packet Storm
229089 7.2 危険 syscp team - SysCP の scripts/cronscript.php における権限を取得される脆弱性 - CVE-2007-0849 2012-12-20 18:19 2007-02-8 Show GitHub Exploit DB Packet Storm
229090 10 危険 vbdrupal - vbDrupal における脆弱性 - CVE-2007-0841 2012-12-20 18:19 2007-01-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223031 7.8 HIGH
Local 		artifex
redhat
opensuse
fedoraproject
debian 		ghostscript
openshift_container_platform
leap
fedora
debian_linux 		A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrict… CWE-863
 Incorrect Authorization 		CVE-2019-14817 2024-11-21 13:27 2019-09-4 Show GitHub Exploit DB Packet Storm
223032 7.8 HIGH
Local 		artifex
redhat
fedoraproject
opensuse
debian 		ghostscript
openshift_container_platform
fedora
leap
debian_linux 		A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restriction… CWE-863
 Incorrect Authorization 		CVE-2019-14811 2024-11-21 13:27 2019-09-4 Show GitHub Exploit DB Packet Storm
223033 7.5 HIGH
Network 		grafana grafana In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. CWE-306
Missing Authentication for Critical Function 		CVE-2019-15043 2024-11-21 13:27 2019-09-3 Show GitHub Exploit DB Packet Storm
223034 7.5 HIGH
Network 		memcached memcached memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. CWE-125
Out-of-bounds Read 		CVE-2019-15026 2024-11-21 13:27 2019-08-31 Show GitHub Exploit DB Packet Storm
223035 5.3 MEDIUM
Network 		woocommerce payu_india_payment_gateway /payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter Tampering in the purchaseQuantity=1 parameter, as demonstrated by purchasing an item for l… CWE-20
 Improper Input Validation  		CVE-2019-14978 2024-11-21 13:27 2019-08-30 Show GitHub Exploit DB Packet Storm
223036 5.3 MEDIUM
Network 		woocommerce paypal_checkout_payment_gateway cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purcha… CWE-20
 Improper Input Validation  		CVE-2019-14979 2024-11-21 13:27 2019-08-30 Show GitHub Exploit DB Packet Storm
223037 7.8 HIGH
Local 		videolan
debian 		vlc_media_player
debian_linux 		A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. CWE-787
 Out-of-bounds Write 		CVE-2019-14970 2024-11-21 13:27 2019-08-30 Show GitHub Exploit DB Packet Storm
223038 7.8 HIGH
Local 		videolan
debian 		vlc_media_player
debian_linux 		The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. CWE-416
 Use After Free 		CVE-2019-14778 2024-11-21 13:27 2019-08-30 Show GitHub Exploit DB Packet Storm
223039 7.8 HIGH
Local 		videolan
debian 		vlc_media_player
debian_linux 		The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. CWE-416
 Use After Free 		CVE-2019-14777 2024-11-21 13:27 2019-08-30 Show GitHub Exploit DB Packet Storm
223040 7.8 HIGH
Local 		videolan
debian 		vlc_media_player
debian_linux 		A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. CWE-125
Out-of-bounds Read 		CVE-2019-14776 2024-11-21 13:27 2019-08-30 Show GitHub Exploit DB Packet Storm