Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229131	9.3	危険	scriptsez.net	-	Scriptsez.net E-Dating System におけるプライベートメッセージを読まれる脆弱性	-	CVE-2006-7061	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229132	5.8	警告	サン・マイクロシステムズ	-	Sun Solaris の .iked などに使用されている libike ライブラリにおける PKCS #1 v1.5 署名を偽造される脆弱性	CWE-DesignError	CVE-2006-7140	2012-12-20 18:18	2006-11-27	Show	GitHub Exploit DB Packet Storm

229133	5	警告	scriptsez.net	-	Scriptsez.net E-Dating System の cindex.php におけるフルパスを取得される脆弱性	-	CVE-2006-7060	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229134	4.3	警告	scriptsez.net	-	Scriptsez.net E-Dating System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-7059	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229135	4.3	警告	Ando Saabas	-	Sphider におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7058	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229136	7.5	危険	Ando Saabas	-	Sphider の search.php における SQL インジェクションの脆弱性	-	CVE-2006-7057	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229137	6.8	警告	sweetphp	-	TotalCalendar の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7055	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229138	6.8	警告	Wikka Development Team	-	WikkaWiki におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7050	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229139	7.5	危険	Wikka Development Team	-	WikkaWiki の Method メソッドにおけるアクセス制限を回避される脆弱性	-	CVE-2006-7049	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

229140	5	警告	shoutpro	-	Shoutpro の include.php における禁止 IP 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2006-7047	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213191	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute…	NVD-CWE-noinfo	CVE-2019-7895	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213192	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access ship…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-7892	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213193	7.3	HIGH Network	magento	magento	An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-7890	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213194	6.5	MEDIUM Network	magento	magento	An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.…	CWE-74 Injection	CVE-2019-7889	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213195	6.5	MEDIUM Network	magento	magento	An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to create email templates …	NVD-CWE-noinfo	CVE-2019-7888	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213196	4.8	MEDIUM Network	magento	magento	A reflected cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prio…	CWE-79 Cross-site Scripting	CVE-2019-7887	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213197	7.5	HIGH Network	magento	magento	A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multip…	CWE-330 Use of Insufficiently Random Values	CVE-2019-7886	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213198	8.8	HIGH Network	magento	magento	Insufficient input validation in the config builder of the Elastic search module could lead to remote code execution in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2…	CWE-20 Improper Input Validation	CVE-2019-7885	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213199	5.4	MEDIUM Network	magento	magento	A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prio…	CWE-79 Cross-site Scripting	CVE-2019-7882	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213200	5.4	MEDIUM Network	magento	magento	A cross-site scripting mitigation bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user to escalate pr…	CWE-79 Cross-site Scripting	CVE-2019-7881	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm