Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229671 6.5 警告 torrentstrike - TBSource の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5975 2012-12-20 18:33 2007-11-14 Show GitHub Exploit DB Packet Storm
229672 5 警告 really simple caldav store - RSCDS における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-5953 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
229673 4.3 警告 script-fun - SF-Shoutbox の main.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5948 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
229674 5 警告 usvn - USVN におけるリポジトリの内容の一覧を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5945 2012-12-20 18:33 2007-11-6 Show GitHub Exploit DB Packet Storm
229675 5 警告 Simple Machines - SMF におけるプライベートフォーラムのメッセージを読まれる脆弱性 CWE-16
環境設定 		CVE-2007-5943 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
229676 4.6 警告 TUG - TeXLive で使用されている feynmf の feynmf.pl における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-5940 2012-12-20 18:33 2007-11-6 Show GitHub Exploit DB Packet Storm
229677 6.8 警告 TUG
teTeX		 - teTeX および TeXlive 2007 の dviljk におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5937 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
229678 3.6 注意 TUG
teTeX		 - teTeX および TeXlive 2007 の dvips における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5936 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
229679 7.8 危険 pioneers - Pioneers におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5933 2012-12-20 18:33 2007-11-13 Show GitHub Exploit DB Packet Storm
229680 6.8 警告 picoflat cms - Domenico Mancini PicoFlat CMS の index.php における特定のファイルをインクルードされる脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5920 2012-12-20 18:33 2007-11-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222691 8.8 HIGH
Network 		nopcommerce nopcommerce RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions. CWE-352
 Origin Validation Error 		CVE-2019-19685 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222692 8.8 HIGH
Network 		nopcommerce nopcommerce nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-19684 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222693 9.1 CRITICAL
Network 		nopcommerce nopcommerce RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFileman… CWE-22
Path Traversal 		CVE-2019-19683 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222694 4.8 MEDIUM
Network 		nopcommerce nopcommerce nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogCo… CWE-79
Cross-site Scripting 		CVE-2019-19682 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222695 5.4 MEDIUM
Network 		xpand-it xray_test_mangaement In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action… CWE-79
Cross-site Scripting 		CVE-2019-19679 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222696 5.4 MEDIUM
Network 		xpand-it xray_test_mangaement In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test is… CWE-79
Cross-site Scripting 		CVE-2019-19678 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222697 5.5 MEDIUM
Local 		sqlite
netapp
oracle
tenable
siemens 		sqlite
cloud_backup
ontap_select_deploy_administration_utility
mysql_workbench
tenable.sc
sinec_infrastructure_network_services 		alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. CWE-674
 Uncontrolled Recursion 		CVE-2019-19645 2024-11-21 13:35 2019-12-10 Show GitHub Exploit DB Packet Storm
222698 7.8 HIGH
Local 		virustotal
fedoraproject 		yara
fedora 		In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, re… CWE-125
Out-of-bounds Read 		CVE-2019-19648 2024-11-21 13:35 2019-12-9 Show GitHub Exploit DB Packet Storm
222699 7.8 HIGH
Local 		radare
fedoraproject 		radare2
fedora 		radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a… CWE-476
 NULL Pointer Dereference 		CVE-2019-19647 2024-11-21 13:35 2019-12-9 Show GitHub Exploit DB Packet Storm
222700 8.8 HIGH
Network 		supermicro x8sti-f_bios
x8sti-f_firmware 		On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP a… CWE-78
OS Command  		CVE-2019-19642 2024-11-21 13:35 2019-12-8 Show GitHub Exploit DB Packet Storm