Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229391	4.3	警告	PluXml	-	Pluxml の admin/auth.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3542	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229392	4.3	警告	rainworx	-	rwAuction Pro の search.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3540	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229393	7.5	危険	qt-cute	-	QuickTicket およびの QuickTalk フォーラムにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-3539	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229394	7.5	危険	qt-cute	-	QuickTalk guestbook の qtg_msg_view.php における SQL インジェクションの脆弱性	-	CVE-2007-3538	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229395	7.2	危険	php director	-	PHPDirector における権限を取得される脆弱性	-	CVE-2007-3530	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229396	7.8	危険	php director	-	PHPDirector の videos.php における重要な情報を取得される脆弱性	-	CVE-2007-3529	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229397	7.5	危険	Vastal I-Tech & Co.	-	Buddy Zone における SQL インジェクションの脆弱性	-	CVE-2007-3526	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229398	7.8	危険	ripe website manager	-	Ripe Website Manager における設定情報を取得される脆弱性	-	CVE-2007-3525	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229399	6.8	警告	ripe website manager	-	Ripe Website Manager における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3524	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

229400	6.8	警告	sphpell	-	sPHPell における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3522	2012-12-20 18:19	2007-07-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222871	7.2	HIGH Network	centreon	centreon_web	Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location setting…	NVD-CWE-noinfo	CVE-2019-16405	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222872	8.8	HIGH Network	jenkins	google_compute_engine	A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.	CWE-352 Origin Validation Error	CVE-2019-16548	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222873	4.3	MEDIUM Network	jenkins	google_compute_engine	Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugi…	CWE-862 Missing Authorization	CVE-2019-16547	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222874	5.9	MEDIUM Network	jenkins	google_compute_engine	Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-16546	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222875	6.5	MEDIUM Network	qmetry	jenkins_qmetry_for_jira	Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2019-16545	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222876	8.8	HIGH Network	qmetry	jenkins_qmetry_for_jira	Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read per…	CWE-522 Insufficiently Protected Credentials	CVE-2019-16544	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222877	5.5	MEDIUM Local	jenkins	spira_importer	Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file …	CWE-522 Insufficiently Protected Credentials	CVE-2019-16543	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222878	6.5	MEDIUM Network	jenkins	anchore_container_image_scanner	Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read per…	CWE-522 Insufficiently Protected Credentials	CVE-2019-16542	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222879	9.9	CRITICAL Network	jenkins	jira	Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2019-16541	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm

222880	6.5	MEDIUM Network	jenkins	support_core	A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master.	CWE-22 Path Traversal	CVE-2019-16540	2024-11-21 13:30	2019-11-22	Show	GitHub Exploit DB Packet Storm