Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229211 6.8 警告 szymon kosok - Szymon Kosok Best Top List の banner-upload.php における banners/ 配下の任意の PHP ファイルを実行される脆弱性 - CVE-2007-4376 2012-12-20 18:33 2007-08-16 Show GitHub Exploit DB Packet Storm
229212 4 警告 rndlabs - Babo Violent におけるメッセージを偽造される脆弱性 - CVE-2007-4374 2012-12-20 18:33 2007-08-16 Show GitHub Exploit DB Packet Storm
229213 6.8 警告 rndlabs - Babo Violent のサーバにおける認証を回避される脆弱性 - CVE-2007-4373 2012-12-20 18:33 2007-08-16 Show GitHub Exploit DB Packet Storm
229214 7.5 危険 racer - Racer の client などにおけるバッファオーバーフローの脆弱性 - CVE-2007-4370 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
229215 5 警告 sote - SOTEeSKLEP の go/_files におけるディレクトリトラバーサルの脆弱性 - CVE-2007-4369 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
229216 5 警告 wengo - WengoPhone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4366 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
229217 6.8 警告 prozilla - Prozilla Webring の category.php における SQL インジェクションの脆弱性 - CVE-2007-4362 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
229218 6.8 警告 skilmatch staffing systems - SkilMatch Staffing Systems JobLister3 における SQL インジェクションの脆弱性 - CVE-2007-4359 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
229219 4.3 警告 zoidcom - Zoidcom におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4358 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
229220 7.5 危険 phpcentral - PHPCentral Login の include.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4342 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222551 6.1 MEDIUM
Network 		openproject openproject An XSS vulnerability in project list in OpenProject before 9.0.4 and 10.x before 10.0.2 allows remote attackers to inject arbitrary web script or HTML via the sortBy parameter because error messages … CWE-79
Cross-site Scripting 		CVE-2019-17092 2024-11-21 13:31 2019-10-10 Show GitHub Exploit DB Packet Storm
222552 7.5 HIGH
Network 		netreo omnicenter Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows… CWE-89
SQL Injection 		CVE-2019-17128 2024-11-21 13:31 2019-10-10 Show GitHub Exploit DB Packet Storm
222553 9.8 CRITICAL
Network 		kramerav viaware Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. CWE-276
Incorrect Default Permissions  		CVE-2019-17124 2024-11-21 13:31 2019-10-10 Show GitHub Exploit DB Packet Storm
222554 8.8 HIGH
Network 		fiberhome hg2201t_firmware /var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution. CWE-306
Missing Authentication for Critical Function 		CVE-2019-17186 2024-11-21 13:31 2019-10-9 Show GitHub Exploit DB Packet Storm
222555 9.1 CRITICAL
Network 		opendev
canonical 		octavia
ubuntu_linux 		Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve … CWE-287
Improper Authentication 		CVE-2019-17134 2024-11-21 13:31 2019-10-9 Show GitHub Exploit DB Packet Storm
222556 7.5 HIGH
Network 		fiberhome hg2201t_firmware /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. CWE-22
Path Traversal 		CVE-2019-17187 2024-11-21 13:31 2019-10-9 Show GitHub Exploit DB Packet Storm
222557 5.3 MEDIUM
Network 		centreon centreon_web The token generator in index.php in Centreon Web before 2.8.27 is predictable. CWE-330
 Use of Insufficiently Random Values 		CVE-2019-17105 2024-11-21 13:31 2019-10-9 Show GitHub Exploit DB Packet Storm
222558 6.1 MEDIUM
Network 		centreon centreon_web Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user. CWE-79
Cross-site Scripting 		CVE-2019-17108 2024-11-21 13:31 2019-10-8 Show GitHub Exploit DB Packet Storm
222559 8.8 HIGH
Network 		centreon centreon_web minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed CVE-2019-17017 for this… CWE-78
OS Command  		CVE-2019-17107 2024-11-21 13:31 2019-10-8 Show GitHub Exploit DB Packet Storm
222560 6.5 MEDIUM
Network 		centreon centreon_web In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2019-17106 2024-11-21 13:31 2019-10-8 Show GitHub Exploit DB Packet Storm