Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 12:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229611 7.5 危険 XOOPS - XOOPS 用の WiwiMod モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3289 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
229612 4.3 警告 skeltoac - WordPress 用の Automattic Stats プラグインにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3288 2012-12-20 18:19 2007-06-20 Show GitHub Exploit DB Packet Storm
229613 6.8 警告 サン・マイクロシステムズ - Sun Solaris の GNOME XScreenSaver におけるコンソールへアクセスされる脆弱性 - CVE-2007-3283 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
229614 9 危険 PostgreSQL.org - PostgreSQL の dblink における全てのライブラリから関数をマッピングおよび実行される脆弱性 - CVE-2007-3280 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
229615 10 危険 PostgreSQL.org - PostgreSQL における関数を作成および実行される脆弱性 - CVE-2007-3279 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
229616 10 危険 Wikindx project - WIKINDX 用の localization モジュールにおける特定の管理者機能にアクセスされる脆弱性 - CVE-2007-3277 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
229617 4.3 警告 siteatschool - S@S の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3276 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
229618 7.5 危険 yourfreescreamer - YourFreeScreamer の templates/2blue/bodyTemplate.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3271 2012-12-20 18:19 2007-06-19 Show GitHub Exploit DB Packet Storm
229619 4.3 警告 sporum forum - Sporum Forum の comments.cgi におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3213 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
229620 10 危険 yabb - YaBB における CRLF インジェクションの脆弱性 - CVE-2007-3208 2012-12-20 18:19 2007-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
214041 7.2 HIGH
Network 		miniblog_project miniblog madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in app_code/handlers/PostHandler.cs writ… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9842 2024-11-21 13:52 2019-06-15 Show GitHub Exploit DB Packet Storm
214042 7.8 HIGH
Local 		dahuasecurity ipc-hfw1xxx_firmware
ipc-hdw1xxx_firmware
ipc-hfw2xxx_firmware 		Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-9676 2024-11-21 13:52 2019-06-13 Show GitHub Exploit DB Packet Storm
214043 5.3 MEDIUM
Network 		wpengine wpgraphql The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled. CWE-306
Missing Authentication for Critical Function 		CVE-2019-9881 2024-11-21 13:52 2019-06-11 Show GitHub Exploit DB Packet Storm
214044 9.1 CRITICAL
Network 		wpengine wpgraphql An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such a… CWE-306
Missing Authentication for Critical Function 		CVE-2019-9880 2024-11-21 13:52 2019-06-11 Show GitHub Exploit DB Packet Storm
214045 9.8 CRITICAL
Network 		wpengine wpgraphql The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutatio… CWE-306
Missing Authentication for Critical Function 		CVE-2019-9879 2024-11-21 13:52 2019-06-11 Show GitHub Exploit DB Packet Storm
214046 8.8 HIGH
Network 		northern cfengine Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2019-9929 2024-11-21 13:52 2019-06-7 Show GitHub Exploit DB Packet Storm
214047 9.8 CRITICAL
Network 		pydio pydio An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by placing it on the fourth line of a .php fi… CWE-22
CWE-434
Path Traversal
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9642 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm
214048 8.8 HIGH
Local 		synaptics sound_device Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an un… NVD-CWE-noinfo
CVE-2019-9730 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm
214049 8.8 HIGH
Network 		freenetproject freenet Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. CWE-19
 Data Processing Errors 		CVE-2019-9673 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm
214050 6.1 MEDIUM
Network 		gilacms gila_cms Gila CMS 1.9.1 has XSS. CWE-79
Cross-site Scripting 		CVE-2019-9647 2024-11-21 13:52 2019-06-6 Show GitHub Exploit DB Packet Storm