Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229311 5 警告 SAP - EnjoySAP SAP GUI の ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3607 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
229312 7.6 危険 SAP - EnjoySAP SAP GUI の rfcguisink.rfcguisink.1 ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-3606 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
229313 7.6 危険 SAP - EnjoySAP SAP GUI の FrontEnd\SapGui\kwedit.dll におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3605 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
229314 4 警告 Vtiger - vtiger CRM におけるデータ制限を回避される脆弱性 - CVE-2007-3604 2012-12-20 18:33 2007-03-7 Show GitHub Exploit DB Packet Storm
229315 6.5 警告 Vtiger - vtiger CRM の dashboard における SQL インジェクションの脆弱性 - CVE-2007-3603 2012-12-20 18:33 2007-03-7 Show GitHub Exploit DB Packet Storm
229316 5.5 警告 Vtiger - vtiger CRM の SOAP Web サービスにおけるデータをアクセスされる脆弱性 - CVE-2007-3602 2012-12-20 18:33 2007-02-26 Show GitHub Exploit DB Packet Storm
229317 2.1 注意 Vtiger - vtiger CRM における特定ユーザのカレンダー項目を読まれる脆弱性 - CVE-2007-3601 2012-12-20 18:33 2007-05-31 Show GitHub Exploit DB Packet Storm
229318 4 警告 Vtiger - vtiger CRM の wordintegration コンポーネントにおけるフィールドレベルのセキュリティパーミッションを回避される脆弱性 - CVE-2007-3600 2012-12-20 18:33 2007-05-9 Show GitHub Exploit DB Packet Storm
229319 8.5 危険 Vtiger - vtiger CRM における連絡先情報をインポートされるなどの脆弱性 - CVE-2007-3599 2012-12-20 18:33 2007-02-9 Show GitHub Exploit DB Packet Storm
229320 5.5 警告 Vtiger - index.php の vtiger CRM における全ユーザ名などを取得される脆弱性 - CVE-2007-3598 2012-12-20 18:33 2007-02-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222771 5.4 MEDIUM
Network 		zrlog zrlog An issue was discovered in ZrLog 2.1.1. There is a Stored XSS vulnerability in the article_edit area. CWE-79
Cross-site Scripting 		CVE-2019-16643 2024-11-21 13:30 2019-09-21 Show GitHub Exploit DB Packet Storm
222772 6.1 MEDIUM
Network 		draytek vigor2925_firmware On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product. CWE-79
Cross-site Scripting 		CVE-2019-16534 2024-11-21 13:30 2019-09-21 Show GitHub Exploit DB Packet Storm
222773 6.1 MEDIUM
Network 		draytek vigor2925_firmware On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product. CWE-79
Cross-site Scripting 		CVE-2019-16533 2024-11-21 13:30 2019-09-21 Show GitHub Exploit DB Packet Storm
222774 9.8 CRITICAL
Network 		yejiao tuzicms App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring. CWE-89
SQL Injection 		CVE-2019-16642 2024-11-21 13:30 2019-09-21 Show GitHub Exploit DB Packet Storm
222775 8.8 HIGH
Network 		layerbb layerbb LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php. CWE-352
 Origin Validation Error 		CVE-2019-16531 2024-11-21 13:30 2019-09-20 Show GitHub Exploit DB Packet Storm
222776 6.1 MEDIUM
Network 		checklist checklist An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject JavaScript co… CWE-79
Cross-site Scripting 		CVE-2019-16525 2024-11-21 13:30 2019-09-20 Show GitHub Exploit DB Packet Storm
222777 5.5 MEDIUM
Local 		firegiant wix_toolset An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZI… CWE-22
Path Traversal 		CVE-2019-16511 2024-11-21 13:30 2019-09-20 Show GitHub Exploit DB Packet Storm
222778 7.5 HIGH
Network 		mz-automation libiec61850 libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. CWE-416
 Use After Free 		CVE-2019-16510 2024-11-21 13:30 2019-09-20 Show GitHub Exploit DB Packet Storm
222779 7.5 HIGH
Network 		tendacn n301_firmware In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) CWE-20
 Improper Input Validation  		CVE-2019-16412 2024-11-21 13:30 2019-09-20 Show GitHub Exploit DB Packet Storm
222780 6.8 MEDIUM
Physics 		keeper k5_firmware On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell. CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2019-16398 2024-11-21 13:30 2019-09-20 Show GitHub Exploit DB Packet Storm