Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 8, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 229121 | 7.8 | 危険 | windy road | - | Vistered Little の skins/common.css.php におけるディレクトリトラバーサルの脆弱性 | - | CVE-2007-2934 | 2012-12-20 18:19 | 2006-08-29 | Show | GitHub Exploit DB Packet Storm |
| 229122 | 7.2 | 危険 | tcl.tk | - | Tcl/Tk の tcl/win/tclWinReg.c におけるバッファオーバーフローの脆弱性 | - | CVE-2007-2877 | 2012-12-20 18:19 | 2007-05-29 | Show | GitHub Exploit DB Packet Storm |
| 229123 | 5.8 | 警告 | レッドハット | - | Fedora NetworkManager パッケージの wpa_supplicant におけるバッファオーバーフローの脆弱性 | - | CVE-2007-2874 | 2012-12-20 18:19 | 2007-06-4 | Show | GitHub Exploit DB Packet Storm |
| 229124 | 7.5 | 危険 | phpecho cms | - | PHPEcho CMS の modules/admin/modules/gallery.php における SQL インジェクションの脆弱性 | - | CVE-2007-2866 | 2012-12-20 18:19 | 2007-05-25 | Show | GitHub Exploit DB Packet Storm |
| 229125 | 9.3 | 危険 | phpPgAdmin | - | phpPgAdmin の sqledit.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2007-2865 | 2012-12-20 18:19 | 2007-05-25 | Show | GitHub Exploit DB Packet Storm |
| 229126 | 7.5 | 危険 | saxon | - | SAXON における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-2861 | 2012-12-20 18:19 | 2007-05-24 | Show | GitHub Exploit DB Packet Storm |
| 229127 | 7.5 | 危険 | simpgb | - | SimpGB における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-2859 | 2012-12-20 18:19 | 2007-05-24 | Show | GitHub Exploit DB Packet Storm |
| 229128 | 6.5 | 警告 | phpBB | - | phpBB 用の IP-Tracking Mod における SQL インジェクションの脆弱性 | - | CVE-2007-2858 | 2012-12-20 18:19 | 2007-05-24 | Show | GitHub Exploit DB Packet Storm |
| 229129 | 7.5 | 危険 | zakkis technology corporation | - | ABC Excel Parser の sample/xls2mysql における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-2857 | 2012-12-20 18:19 | 2007-05-24 | Show | GitHub Exploit DB Packet Storm |
| 229130 | 10 | 危険 | sky software | - | Sky Software Shell MegaPack ActiveX の shComboBox ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 | - | CVE-2007-2848 | 2012-12-20 18:19 | 2007-05-24 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 9, 2026, 5:07 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 223481 | 7.4 |
HIGH
Network |
roundcube fedoraproject |
webmail fedora |
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. |
NVD-CWE-noinfo
|
CVE-2019-15237 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223482 | 9.8 |
CRITICAL
Network |
live555 | streaming_media | Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and … |
CWE-416
Use After Free |
CVE-2019-15232 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223483 | 8.8 |
HIGH
Network |
thedaylightstudio | fuel_cms | FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially craft… |
CWE-352
Origin Validation Error |
CVE-2019-15229 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223484 | 5.4 |
MEDIUM
Network |
thedaylightstudio | fuel_cms | FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated acc… |
CWE-79
Cross-site Scripting |
CVE-2019-15228 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223485 | 7.5 |
HIGH
Network |
envoyproxy | envoy | In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to r… |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2019-15225 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223486 | 9.8 |
CRITICAL
Network |
rest-client_project | rest-client | The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. |
CWE-94
Code Injection |
CVE-2019-15224 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223487 | 4.6 |
MEDIUM
Physics |
linux netapp canonical |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller ubuntu_linux |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. |
CWE-476
NULL Pointer Dereference |
CVE-2019-15223 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223488 | 4.6 |
MEDIUM
Physics |
linux netapp opensuse |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller leap |
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. |
CWE-476
NULL Pointer Dereference |
CVE-2019-15222 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223489 | 4.6 |
MEDIUM
Physics |
linux netapp canonical debian opensuse |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller ubuntu_linux debia… |
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. |
CWE-476
NULL Pointer Dereference |
CVE-2019-15221 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223490 | 4.6 |
MEDIUM
Physics |
linux netapp canonical debian opensuse |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller ubuntu_linux debia… |
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. |
CWE-416
Use After Free |
CVE-2019-15220 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |