Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229341 4.3 警告 rainworx - rwAuction Pro の search.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3540 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229342 7.5 危険 qt-cute - QuickTicket およびの QuickTalk フォーラムにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-3539 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229343 7.5 危険 qt-cute - QuickTalk guestbook の qtg_msg_view.php における SQL インジェクションの脆弱性 - CVE-2007-3538 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229344 7.2 危険 php director - PHPDirector における権限を取得される脆弱性 - CVE-2007-3530 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229345 7.8 危険 php director - PHPDirector の videos.php における重要な情報を取得される脆弱性 - CVE-2007-3529 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229346 7.5 危険 Vastal I-Tech & Co. - Buddy Zone における SQL インジェクションの脆弱性 - CVE-2007-3526 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229347 7.8 危険 ripe website manager - Ripe Website Manager における設定情報を取得される脆弱性 - CVE-2007-3525 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229348 6.8 警告 ripe website manager - Ripe Website Manager における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3524 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229349 6.8 警告 sphpell - sPHPell における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3522 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
229350 7.5 危険 wesmo - phpEventCalendar の eventdisplay.php における SQL インジェクションの脆弱性 - CVE-2007-3519 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222881 5.3 MEDIUM
Network 		limesurvey limesurvey A path disclosure vulnerability was found in Limesurvey before 3.17.14 that allows a remote attacker to discover the path to the application in the filesystem. NVD-CWE-noinfo
CVE-2019-16176 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222882 4.3 MEDIUM
Network 		limesurvey limesurvey A clickjacking vulnerability was found in Limesurvey before 3.17.14. CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2019-16175 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222883 8.8 HIGH
Network 		limesurvey limesurvey An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity. CWE-611
XXE 		CVE-2019-16174 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222884 6.1 MEDIUM
Network 		liferay liferay_portal Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib. CWE-79
Cross-site Scripting 		CVE-2019-16147 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222885 6.1 MEDIUM
Network 		padrinorb padrino-contrib The breadcrumbs contributed module through 0.2.0 for Padrino Framework allows XSS via a caption. CWE-79
Cross-site Scripting 		CVE-2019-16145 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222886 9.8 CRITICAL
Network 		dlink dir-868l_firmware
dir-885l_firmware
dir-895l_firmware 		SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to fold… CWE-287
Improper Authentication 		CVE-2019-16190 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222887 5.4 MEDIUM
Network 		limesurvey limesurvey LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php, CWE-79
Cross-site Scripting 		CVE-2019-16173 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222888 5.4 MEDIUM
Network 		limesurvey limesurvey LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript… CWE-79
Cross-site Scripting 		CVE-2019-16172 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222889 5.5 MEDIUM
Local 		sysstat_project
fedoraproject
opensuse
canonical
debian 		sysstat
fedora
leap
ubuntu_linux
debian_linux 		sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2019-16167 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm
222890 6.5 MEDIUM
Network 		gnu cflow GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. CWE-125
Out-of-bounds Read 		CVE-2019-16166 2024-11-21 13:30 2019-09-10 Show GitHub Exploit DB Packet Storm