Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229481	7.5	危険	woltlab	-	wBB の usergroups.php における SQL インジェクションの脆弱性	-	CVE-2007-1518	2012-12-20 18:19	2007-03-20	Show	GitHub Exploit DB Packet Storm

229482	6.8	警告	viperweb	-	ViperWeb Portal の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1514	2012-12-20 18:19	2007-03-20	Show	GitHub Exploit DB Packet Storm

229483	7.5	危険	rhapsody irc	-	Rhapsody IRC の comm.c におけるフォーマットストリングの脆弱性	-	CVE-2007-1503	2012-12-20 18:19	2007-03-19	Show	GitHub Exploit DB Packet Storm

229484	6.8	警告	rhapsody irc	-	Rhapsody IRC におけるバッファオーバーフローの脆弱性	-	CVE-2007-1502	2012-12-20 18:19	2007-03-19	Show	GitHub Exploit DB Packet Storm

229485	4.9	警告	シマンテック	-	Symantec Norton Personal Firewall などの \Device\SymEvent ドライバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1495	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229486	6.8	警告	web-app.org	-	web-app.org WebAPP における管理アクセス権限を取得される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-1489	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229487	7.5	危険	wbblog	-	WBBlog の index.php における SQL インジェクションの脆弱性	-	CVE-2007-1481	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229488	1.9	注意	シマンテック	-	Symantec Norton Personal Firewall などの SYMTDI.SYS におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-1476	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229489	6.8	警告	t-systems solutions for research gmbh	-	Groupit の groupit/base/groupit.start.inc におけるリモートファイルインクルージョン攻撃を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-1472	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

229490	7.5	危険	xigla	-	Absolute Image Gallery の gallery.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-1469	2012-12-20 18:19	2007-03-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213671	6.1	MEDIUM Network	zohocorp	manageengine_netflow_analyzer	An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev…	CWE-79 Cross-site Scripting	CVE-2019-8926	2024-11-21 13:50	2019-05-17	Show	GitHub Exploit DB Packet Storm

213672	4.3	MEDIUM Network	zohocorp	manageengine_netflow_analyzer	An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the…	CWE-22 Path Traversal	CVE-2019-8925	2024-11-21 13:50	2019-05-17	Show	GitHub Exploit DB Packet Storm

213673	6.1	MEDIUM Network	apachefriends	xampp	XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued.	CWE-79 Cross-site Scripting	CVE-2019-8924	2024-11-21 13:50	2019-05-17	Show	GitHub Exploit DB Packet Storm

213674	7.5	HIGH Network	netapp fedoraproject opensuse hpe ntp	data_ontap clustered_data_ontap fedora leap hpux-ntp ntp	NTP through 4.2.8p12 has a NULL Pointer Dereference.	CWE-476 NULL Pointer Dereference	CVE-2019-8936	2024-11-21 13:50	2019-05-16	Show	GitHub Exploit DB Packet Storm

213675	9.8	CRITICAL Network	apachefriends	xampp	XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued.	CWE-89 SQL Injection	CVE-2019-8923	2024-11-21 13:50	2019-05-15	Show	GitHub Exploit DB Packet Storm

213676	8.1	HIGH Network	ellucian	banner_web_tailor banner_enterprise_identity_services	An improper authentication vulnerability can be exploited through a race condition that occurs in Ellucian Banner Web Tailor 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services 8.3, 8.3.1, …	CWE-287 CWE-362 Improper Authentication Race Condition	CVE-2019-8978	2024-11-21 13:50	2019-05-15	Show	GitHub Exploit DB Packet Storm

213677	6.5	MEDIUM Network	bosch	divar_ip_2000_firmware divar_ip_5000_firmware video_recording_manager video_management_system	A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote authorized user to access arbitrary files o…	CWE-22 Path Traversal	CVE-2019-8952	2024-11-21 13:50	2019-05-14	Show	GitHub Exploit DB Packet Storm

213678	6.1	MEDIUM Network	bosch	divar_ip_2000_firmware divar_ip_5000_firmware video_recording_manager video_management_system	An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote attacker to redirect users to an arbitrary …	CWE-601 Open Redirect	CVE-2019-8951	2024-11-21 13:50	2019-05-14	Show	GitHub Exploit DB Packet Storm

213679	7.5	HIGH Network	solarwinds	dameware_mini_remote_control	DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.	CWE-787 Out-of-bounds Write	CVE-2019-9017	2024-11-21 13:50	2019-05-3	Show	GitHub Exploit DB Packet Storm

213680	6.1	MEDIUM Network	tibco	silver_fabric_enabler activematrix_bpm	The workspace client, openspace client, and app development client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabri…	CWE-601 Open Redirect	CVE-2019-8995	2024-11-21 13:50	2019-04-25	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed