Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229771 7.5 危険 phpcredo - PHCDownload の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6670 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
229772 4.3 警告 phpcredo - PHCDownload の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6669 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
229773 7.5 危険 Zenphoto - Zenphoto の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6666 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229774 7.5 危険 webportal - WebPortal CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6664 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229775 7.5 危険 pragmaticutopia - Joomla! 用の Pragmatic Utopia PU Arcade コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6663 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229776 7.5 危険 xcms - XCMS の cpie.php における静的コードを直接挿入する攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6652 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229777 5 警告 sanybee gallery - SanyBee Gallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6648 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229778 7.5 危険 W-Agora - w-Agora の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6647 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
229779 6.8 警告 xml2owl - xml2owl の showCode.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6632 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
229780 6.8 警告 pnphpbb - PNphpBB2 の printview.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6624 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223041 4.8 MEDIUM
Network 		sangoma freepbx In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with suff… CWE-79
Cross-site Scripting 		CVE-2019-19552 2024-11-21 13:34 2019-12-7 Show GitHub Exploit DB Packet Storm
223042 9.8 CRITICAL
Network 		cesnet
redhat
fedoraproject 		libyang
enterprise_linux
fedora 		In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to pars… CWE-787
 Out-of-bounds Write 		CVE-2019-19334 2024-11-21 13:34 2019-12-7 Show GitHub Exploit DB Packet Storm
223043 4.8 MEDIUM
Network 		sangoma freepbx In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can sub… CWE-79
Cross-site Scripting 		CVE-2019-19551 2024-11-21 13:34 2019-12-7 Show GitHub Exploit DB Packet Storm
223044 9.8 CRITICAL
Network 		cesnet
redhat 		libyang
enterprise_linux 		In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untru… CWE-787
 Out-of-bounds Write 		CVE-2019-19333 2024-11-21 13:34 2019-12-7 Show GitHub Exploit DB Packet Storm
223045 6.5 MEDIUM
Network 		norton password_manager Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an ac… NVD-CWE-noinfo
CVE-2019-19546 2024-11-21 13:34 2019-12-6 Show GitHub Exploit DB Packet Storm
223046 6.3 MEDIUM
Network 		norton password_manager Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be re… CWE-346
 Origin Validation Error 		CVE-2019-19545 2024-11-21 13:34 2019-12-6 Show GitHub Exploit DB Packet Storm
223047 6.1 MEDIUM
Network 		sceditor sceditor SCEditor 2.1.3 allows XSS. CWE-79
Cross-site Scripting 		CVE-2019-19466 2024-11-21 13:34 2019-12-6 Show GitHub Exploit DB Packet Storm
223048 9.8 CRITICAL
Network 		sqlite
netapp
oracle
siemens 		sqlite
cloud_backup
ontap_select_deploy_administration_utility
mysql_workbench
sinec_infrastructure_network_services 		lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other … CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2019-19317 2024-11-21 13:34 2019-12-5 Show GitHub Exploit DB Packet Storm
223049 7.5 HIGH
Network 		wireshark
opensuse
oracle
debian 		wireshark
leap
solaris
zfs_storage_appliance
debian_linux 		In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NU… CWE-909
 Missing Initialization of Resource 		CVE-2019-19553 2024-11-21 13:34 2019-12-5 Show GitHub Exploit DB Packet Storm
223050 7.8 HIGH
Local 		openbsd openbsd OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's … CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-19522 2024-11-21 13:34 2019-12-5 Show GitHub Exploit DB Packet Storm