Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229331	7.5	危険	pl-php	-	pL-PHP の admin.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2008	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

229332	10	危険	stephen craton	-	Stephen Craton Chatness の admin/options.php における classes/vars.php などの設定ファイルを読まれる脆弱性	-	CVE-2007-2147	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

229333	7.5	危険	shoutpro	-	ShoutPro の shoutbox.php における shouts.php へ任意の PHP コードを挿入される脆弱性	-	CVE-2007-2141	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

229334	7.5	危険	rha7 downloads	-	XOOPS 用の rha7downloads モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2107	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

229335	6.8	警告	wabbit	-	Wabbit PHP Gallery の showpic.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2098	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

229336	7.5	危険	tsdisplay4xoops	-	TSD4XOOPS の blocks/tsdisplay4xoops_block2.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2091	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

229337	6.8	警告	tumusika evolution	-	TuMusika Evolution の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2090	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

229338	7.5	危険	pl-php	-	pL-PHP の admin.php における認証を回避される脆弱性	-	CVE-2007-2007	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

229339	7.5	危険	pl-php	-	pL-PHP の login.php における SQL インジェクションの脆弱性	-	CVE-2007-2006	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

229340	7.5	危険	raphael limbach	-	Crea-Book の admin/admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-2000	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223011	5.4	MEDIUM Network	nextcloud	nextcloud_server	A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login.	NVD-CWE-noinfo	CVE-2019-15617	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223012	4.3	MEDIUM Network	nextcloud	nextcloud_server	Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long.	CWE-74 Injection	CVE-2019-15616	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223013	6.1	MEDIUM Physics	nextcloud	nextcloud	A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past.	CWE-287 Improper Authentication	CVE-2019-15615	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223014	5.4	MEDIUM Network	nextcloud	nextcloud	Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.	CWE-79 Cross-site Scripting	CVE-2019-15614	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223015	8.0	HIGH Network	nextcloud opensuse	nextcloud_server backports	A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.	CWE-345 Insufficient Verification of Data Authenticity	CVE-2019-15613	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223016	5.9	MEDIUM Physics	nextcloud	nextcloud_server	A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.	CWE-384 Session Fixation	CVE-2019-15612	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223017	4.9	MEDIUM Network	nextcloud	nextcloud	Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notific…	NVD-CWE-Other	CVE-2019-15611	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223018	4.3	MEDIUM Network	nextcloud	circles	Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.	NVD-CWE-Other	CVE-2019-15610	2024-11-21 13:29	2020-02-5	Show	GitHub Exploit DB Packet Storm

223019	5.4	MEDIUM Network	nodered	node-red	A stored XSS vulnerability is present within node-red (version: <= 0.20.7) npm package, which is a visual tool for wiring the Internet of Things. This issue will allow the attacker to steal session c…	CWE-79 Cross-site Scripting	CVE-2019-15607	2024-11-21 13:29	2020-01-28	Show	GitHub Exploit DB Packet Storm

223020	7.5	HIGH Network	gitlab	gitlab	An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the G…	NVD-CWE-Other	CVE-2019-15590	2024-11-21 13:29	2020-01-28	Show	GitHub Exploit DB Packet Storm