Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229871 5 警告 xigla - Absolute News Manager.NET の pages/default.aspx におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6268 2012-12-20 18:34 2007-12-7 Show GitHub Exploit DB Packet Storm
229872 6.8 警告 VideoLAN - VideoLAN VLC の axvlc.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2007-6262 2012-12-20 18:34 2007-11-30 Show GitHub Exploit DB Packet Storm
229873 7.5 危険 snitz forums 2000 - Snitz Forums 2000 の active.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6240 2012-12-20 18:34 2007-12-5 Show GitHub Exploit DB Packet Storm
229874 5 警告 リアルネットワークス - RealNetworks RealPlayer の特定の ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6235 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
229875 7.5 危険 tellmatic - tellmatic における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6231 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
229876 7.5 危険 Rayzz - Rayzz Script の common/classes/class_HeaderHandler.lib.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6230 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
229877 7.5 危険 Rayzz - Rayzz Script の common/classes/class_HeaderHandler.lib.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6229 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
229878 6.8 警告 ヤフー株式会社 - Yahoo! Toolbar の yt.ythelper.2 ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6228 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
229879 7.2 危険 Fabrice Bellard - QEMU における TranslationBlock バッファを上書きされる脆弱性 CWE-119
バッファエラー 		CVE-2007-6227 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
229880 5 警告 リアルネットワークス - RealPlayer に同梱されている rmoc3260.dll におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6224 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223461 4.8 MEDIUM
Network 		untangle ng_firewall When logged in as an admin user, the Untangle NG firewall 14.2.0 is vulnerable to reflected XSS at multiple places and specific user input fields. CWE-79
Cross-site Scripting 		CVE-2019-18648 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
223462 7.2 HIGH
Network 		untangle ng_firewall The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. CWE-77
Command Injection 		CVE-2019-18647 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
223463 7.2 HIGH
Network 		untangle ng_firewall The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when logged in as an admin user. CWE-89
SQL Injection 		CVE-2019-18646 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
223464 6.1 MEDIUM
Network 		microstrategy microstrategy_library Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has reflected XSS. CWE-79
Cross-site Scripting 		CVE-2019-18957 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm
223465 7.8 HIGH
Local 		scanguard scanguard_antivirus Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-18895 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm
223466 5.5 MEDIUM
Local 		linux linux_kernel fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, ak… CWE-476
 NULL Pointer Dereference 		CVE-2019-18885 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm
223467 7.5 HIGH
Network 		snowhaze snowhaze SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's … CWE-863
 Incorrect Authorization 		CVE-2019-18949 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm
223468 5.3 MEDIUM
Network 		netease pomelo Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2019-18954 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm
223469 9.8 CRITICAL
Network 		sibsoft xfilesharing SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, tha… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-18952 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm
223470 7.5 HIGH
Network 		sibsoft xfilesharing SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files. CWE-22
Path Traversal 		CVE-2019-18951 2024-11-21 13:33 2019-11-14 Show GitHub Exploit DB Packet Storm