Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229161 10 危険 tinyirc - TinyIdentD におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2711 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
229162 6.8 警告 simple php scripts gallery - sphp の Ivan Peevski gallery における任意の PHP コードを実行される脆弱性 - CVE-2007-2679 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229163 7.5 危険 phpchess - phpChess Community Edition における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2677 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229164 7.5 危険 PreProject.com - Pre Classifieds Listings の search.php における SQL インジェクションの脆弱性 - CVE-2007-2675 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229165 7.5 危険 PreProject.com - Pre Shopping Mall の detail.php における SQL インジェクションの脆弱性 - CVE-2007-2674 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229166 7.5 危険 thinc4orce marketing group - PHP Coupon Script の index.php における SQL インジェクションの脆弱性 - CVE-2007-2672 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229167 6.8 警告 webdesproxy - webdesproxy におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2668 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229168 7.5 危険 tomasz rekawek - Yaap の includes/common.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2664 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229169 7.8 危険 precisionid barcode - PrecisionID_DataMatrix.DLL の PrecisionID Barcode ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2657 2012-12-20 18:19 2007-05-14 Show GitHub Exploit DB Packet Storm
229170 4.4 警告 SUSE
xfsdump		 - xfsdump の xfs_fsr における xfs ファイルシステム上で任意のファイルを上書きされる脆弱性 CWE-362
CWE-Other
CVE-2007-2654 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223591 7.8 HIGH
Local 		infoway social_photo_gallery The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not chec… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-14467 2024-11-21 13:26 2019-11-19 Show GitHub Exploit DB Packet Storm
223592 9.8 CRITICAL
Network 		vocabularyserver tematres TemaTres 3.0 allows remote unprivileged users to create an administrator account NVD-CWE-noinfo
CVE-2019-14345 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223593 5.4 MEDIUM
Network 		vocabularyserver tematres TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI. CWE-79
Cross-site Scripting 		CVE-2019-14343 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223594 5.5 MEDIUM
Local 		intel
netapp 		graphics_driver
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_baseboard_management_controller_firmware 		Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. CWE-20
 Improper Input Validation  		CVE-2019-14591 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223595 5.5 MEDIUM
Local 		intel
netapp 		graphics_driver
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_baseboard_management_controller_firmware 		Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. CWE-269
 Improper Privilege Management 		CVE-2019-14590 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223596 5.5 MEDIUM
Local 		intel
netapp 		graphics_driver
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_baseboard_management_controller_firmware 		Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. CWE-125
Out-of-bounds Read 		CVE-2019-14574 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223597 7.8 HIGH
Local 		intel software_guard_extensions_sdk Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service vi… CWE-20
 Improper Input Validation  		CVE-2019-14566 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223598 7.8 HIGH
Local 		intel software_guard_extensions_sdk Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclos… CWE-665
 Improper Initialization 		CVE-2019-14565 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223599 7.5 HIGH
Network 		slack-chat_project slack-chat Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). CWE-200
Information Exposure 		CVE-2019-14367 2024-11-21 13:26 2019-11-13 Show GitHub Exploit DB Packet Storm
223600 7.5 HIGH
Network 		slack wp_slacksync WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). CWE-200
Information Exposure 		CVE-2019-14366 2024-11-21 13:26 2019-11-13 Show GitHub Exploit DB Packet Storm