Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229351	6.8	警告	rndlabs	-	Babo Violent におけるフォーマットストリングの脆弱性	-	CVE-2007-4378	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

229352	6.8	警告	szymon kosok	-	Szymon Kosok Best Top List の banner-upload.php における banners/ 配下の任意の PHP ファイルを実行される脆弱性	-	CVE-2007-4376	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

229353	4	警告	rndlabs	-	Babo Violent におけるメッセージを偽造される脆弱性	-	CVE-2007-4374	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

229354	6.8	警告	rndlabs	-	Babo Violent のサーバにおける認証を回避される脆弱性	-	CVE-2007-4373	2012-12-20 18:33	2007-08-16	Show	GitHub Exploit DB Packet Storm

229355	7.5	危険	racer	-	Racer の client などにおけるバッファオーバーフローの脆弱性	-	CVE-2007-4370	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

229356	5	警告	sote	-	SOTEeSKLEP の go/_files におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-4369	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

229357	5	警告	wengo	-	WengoPhone におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4366	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

229358	6.8	警告	prozilla	-	Prozilla Webring の category.php における SQL インジェクションの脆弱性	-	CVE-2007-4362	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

229359	6.8	警告	skilmatch staffing systems	-	SkilMatch Staffing Systems JobLister3 における SQL インジェクションの脆弱性	-	CVE-2007-4359	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

229360	4.3	警告	zoidcom	-	Zoidcom におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4358	2012-12-20 18:33	2007-08-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222681	6.1	MEDIUM Network	dormsystem_project	dormsystem	tonyy dormsystem through 1.3 allows DOM XSS.	CWE-79 Cross-site Scripting	CVE-2019-17581	2024-11-21 13:32	2019-10-24	Show	GitHub Exploit DB Packet Storm

222682	6.5	MEDIUM Network	xml_language_server_project eclipse theia_xml_extension_project	xml_server_project wild_web_developer theia_xml_extension	XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote …	CWE-22 Path Traversal	CVE-2019-18212	2024-11-21 13:32	2019-10-24	Show	GitHub Exploit DB Packet Storm

222683	8.8	HIGH Network	xml_language_server_project eclipse theia_xml_extension_project	xml_server_project wild_web_developer theia_xml_extension	XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with…	CWE-611 XXE	CVE-2019-18213	2024-11-21 13:32	2019-10-24	Show	GitHub Exploit DB Packet Storm

222684	6.1	MEDIUM Network	hexo-admin_project	hexo-admin	The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post.	CWE-79 Cross-site Scripting	CVE-2019-17606	2024-11-21 13:32	2019-10-24	Show	GitHub Exploit DB Packet Storm

222685	4.3	MEDIUM Network	qt debian	qtbase debian_linux	An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-18281	2024-11-21 13:32	2019-10-24	Show	GitHub Exploit DB Packet Storm

222686	8.8	HIGH Network	online_grading_system_project	online_grading_system	Sourcecodester Online Grading System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into exe…	CWE-352 Origin Validation Error	CVE-2019-18280	2024-11-21 13:32	2019-10-23	Show	GitHub Exploit DB Packet Storm

222687	7.8	HIGH Local	videolan	vlc_media_player	When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the …	NVD-CWE-noinfo	CVE-2019-18278	2024-11-21 13:32	2019-10-23	Show	GitHub Exploit DB Packet Storm

222688	8.8	HIGH Network	sitemagic	sitemagic	Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) issue as it doesn't implement any method to validate incoming requests, allowing the execution of critical functionalities via s…	CWE-352 Origin Validation Error	CVE-2019-18220	2024-11-21 13:32	2019-10-23	Show	GitHub Exploit DB Packet Storm

222689	7.5	HIGH Network	haproxy	haproxy	A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if co…	CWE-444 HTTP Request Smuggling	CVE-2019-18277	2024-11-21 13:32	2019-10-23	Show	GitHub Exploit DB Packet Storm

222690	6.1	MEDIUM Network	sitemagic	sitemagic	Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulnerability, as it fails to validate user input. The affected components (index.php, upgrade.php) allow for JavaScript injection with…	CWE-79 Cross-site Scripting	CVE-2019-18219	2024-11-21 13:32	2019-10-23	Show	GitHub Exploit DB Packet Storm