Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229351 7.5 危険 XOOPS - XOOPS 用の WF-Snippets モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1962 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
229352 7.5 危険 phpBB - phpBB 用の Mutant ポータルの mutant_functions.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1961 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
229353 7.5 危険 XOOPS - XOOPS 用の Rha7 Downloads モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1960 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
229354 10 危険 tinymux - TinyMUX の command.cpp における脆弱性 - CVE-2007-1959 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
229355 5 警告 tinymux - TinyMUX におけるバッファオーバーフローの脆弱性 - CVE-2007-1958 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
229356 7.5 危険 UBB Systems - Groupee UBB.threads の ubbthreads.php における SQL インジェクションの脆弱性 - CVE-2007-1956 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
229357 10 危険 signkorea - SignKorea SKCrypAX ActiveX コントロールモジュールにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1955 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
229358 4.3 警告 webblizzard - WebBlizzard CMS の index_cms.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1950 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
229359 7.5 危険 webblizzard - WebBlizzard CMS におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-1949 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
229360 6.8 警告 scar4u.de - ScarAdControl の scaradcontrol.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1936 2012-12-20 18:19 2007-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223251 8.8 HIGH
Network 		linkplay linkplay An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the man… NVD-CWE-noinfo
CVE-2019-15312 2024-11-21 13:28 2020-07-2 Show GitHub Exploit DB Packet Storm
223252 9.8 CRITICAL
Network 		linkplay linkplay An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80… CWE-78
OS Command  		CVE-2019-15311 2024-11-21 13:28 2020-07-2 Show GitHub Exploit DB Packet Storm
223253 9.8 CRITICAL
Network 		linkplay linkplay An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain … CWE-78
CWE-639
OS Command 
 Authorization Bypass Through User-Controlled Key 		CVE-2019-15310 2024-11-21 13:28 2020-07-2 Show GitHub Exploit DB Packet Storm
223254 7.2 HIGH
Network 		vikisolutions vera The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-15123 2024-11-21 13:28 2020-06-13 Show GitHub Exploit DB Packet Storm
223255 6.1 MEDIUM
Network 		zohocorp manageengine_servicedesk_plus Default installations of Zoho ManageEngine ServiceDesk Plus 10.0 before 10500 are vulnerable to XSS injected by a workstation local administrator. Using the installed program names of the computer as… CWE-79
Cross-site Scripting 		CVE-2019-15083 2024-11-21 13:28 2020-05-14 Show GitHub Exploit DB Packet Storm
223256 7.5 HIGH
Network 		ushareit shareit SHAREit through 4.0.6.177 does not check the full message length from the received packet header (which is used to allocate memory for the next set of data). This could lead to a system denial of ser… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2019-15234 2024-11-21 13:28 2020-04-28 Show GitHub Exploit DB Packet Storm
223257 6.1 MEDIUM
Network 		zohocorp manageengine_desktop_central ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role. CWE-79
Cross-site Scripting 		CVE-2019-15510 2024-11-21 13:28 2020-03-23 Show GitHub Exploit DB Packet Storm
223258 9.8 CRITICAL
Network 		linbit csync2 An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL. NVD-CWE-noinfo
CVE-2019-15522 2024-11-21 13:28 2020-03-21 Show GitHub Exploit DB Packet Storm
223259 7.5 HIGH
Network 		inextrix astpp An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA… CWE-798
CWE-327
 Use of Hard-coded Credentials
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2019-15075 2024-11-21 13:28 2020-03-21 Show GitHub Exploit DB Packet Storm
223260 6.1 MEDIUM
Network 		mantisbt mantisbt The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit … CWE-79
Cross-site Scripting 		CVE-2019-15539 2024-11-21 13:28 2020-03-20 Show GitHub Exploit DB Packet Storm