Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229241 5 警告 ynp - YNP Portal System の showpage.cgi におけるディレクトリトラバーサルの脆弱性 - CVE-2007-4256 2012-12-20 18:33 2007-08-8 Show GitHub Exploit DB Packet Storm
229242 4.3 警告 toolbar gaming - Internet Explorer 用の Toolbar Gaming ツールバーにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4248 2012-12-20 18:33 2007-08-8 Show GitHub Exploit DB Packet Storm
229243 9.3 危険 vietphp - VietPHP における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4235 2012-12-20 18:33 2007-08-8 Show GitHub Exploit DB Packet Storm
229244 4.3 警告 PHPNUKE - PHP-Nuke の Search モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4212 2012-12-20 18:33 2007-08-7 Show GitHub Exploit DB Packet Storm
229245 7.5 危険 redline software - la-nai CMS の module.php における SQL インジェクションの脆弱性 - CVE-2007-4210 2012-12-20 18:33 2007-08-7 Show GitHub Exploit DB Packet Storm
229246 4.3 警告 The Sleuth Kit - Brian Carrier TSK の ext2fs.c におけるサービス運用妨害 (DoS) 脆弱性 - CVE-2007-4195 2012-12-20 18:33 2007-08-7 Show GitHub Exploit DB Packet Storm
229247 5 警告 TIBCO Software - TIBCO RV クライアントのデフォルト設定におけるメッセージの内容をキャプチャされる脆弱性 - CVE-2007-4160 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
229248 5 警告 TIBCO Software - TIBCO RV の特定のデーモンにおけるユーザ名などの重要な情報を取得される脆弱性 - CVE-2007-4159 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
229249 7.8 危険 TIBCO Software - TIBCO rvd におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2007-4158 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
229250 5 警告 phpblogger - PHPBlogger における admin パスワードハッシュを含むデータベースをダウンロードされる脆弱性 - CVE-2007-4157 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222461 8.8 HIGH
Network 		sourcecodester restaurant_management_system Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequat… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-18417 2024-11-21 13:33 2019-10-25 Show GitHub Exploit DB Packet Storm
222462 6.1 MEDIUM
Network 		restaurant_management_system_project restaurant_management_system Sourcecodester Restaurant Management System 1.0 allows XSS via the Last Name field of a member. CWE-79
Cross-site Scripting 		CVE-2019-18416 2024-11-21 13:33 2019-10-25 Show GitHub Exploit DB Packet Storm
222463 6.1 MEDIUM
Network 		restaurant_management_system_project restaurant_management_system Sourcecodester Restaurant Management System 1.0 allows XSS via the "send a message" screen. CWE-79
Cross-site Scripting 		CVE-2019-18415 2024-11-21 13:33 2019-10-25 Show GitHub Exploit DB Packet Storm
222464 8.8 HIGH
Network 		sourcecodester restaurant_management_system Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricki… CWE-352
 Origin Validation Error 		CVE-2019-18414 2024-11-21 13:33 2019-10-25 Show GitHub Exploit DB Packet Storm
222465 9.8 CRITICAL
Network 		typestack_class-validator_project typestack_class-validator In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbid… CWE-79
CWE-89
Cross-site Scripting
SQL Injection 		CVE-2019-18413 2024-11-21 13:33 2019-10-25 Show GitHub Exploit DB Packet Storm
222466 7.8 HIGH
Local 		zenspider ruby_parser-legacy The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem (which has a legacy dependency) 4.5.0 throug… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-18409 2024-11-21 13:33 2019-10-24 Show GitHub Exploit DB Packet Storm
222467 7.5 HIGH
Network 		libarchive
debian
canonical 		libarchive
debian_linux
ubuntu_linux 		archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. CWE-416
 Use After Free 		CVE-2019-18408 2024-11-21 13:33 2019-10-24 Show GitHub Exploit DB Packet Storm
222468 9.8 CRITICAL
Network 		igniterealtime openfire A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2019-18394 2024-11-21 13:33 2019-10-24 Show GitHub Exploit DB Packet Storm
222469 5.3 MEDIUM
Network 		igniterealtime openfire PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability. CWE-22
Path Traversal 		CVE-2019-18393 2024-11-21 13:33 2019-10-24 Show GitHub Exploit DB Packet Storm
222470 9.8 CRITICAL
Network 		hotel_and_lodge_management_system_project hotel_and_lodge_management_system Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit p… CWE-89
SQL Injection 		CVE-2019-18387 2024-11-21 13:33 2019-10-24 Show GitHub Exploit DB Packet Storm