Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229981 10 危険 SonicWALL - SonicWall SSL-VPN 200 および SSL-VPN 2000/4000 の WebCacheCleaner ActiveX コントロールにおける絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5815 2012-12-20 18:33 2007-11-5 Show GitHub Exploit DB Packet Storm
229982 9.3 危険 SonicWALL - SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5814 2012-12-20 18:33 2007-11-5 Show GitHub Exploit DB Packet Storm
229983 6.8 警告 ssreader - SSReader の Ultra Star Reader ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5807 2012-12-20 18:33 2007-11-5 Show GitHub Exploit DB Packet Storm
229984 7.5 危険 work system e-commerce - WORK system e-commerce における脆弱性 CWE-noinfo
情報不足 		CVE-2007-5801 2012-12-20 18:33 2007-11-2 Show GitHub Exploit DB Packet Storm
229985 6.8 警告 tom willmot - WordPress 用の BackUpWordPress プラグインにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5800 2012-12-20 18:33 2007-11-2 Show GitHub Exploit DB Packet Storm
229986 7.1 危険 stonesoft - Stonesoft StoneGate IPS におけるシステムへ侵入される脆弱性 CWE-DesignError
CVE-2007-5793 2012-12-20 18:33 2007-11-1 Show GitHub Exploit DB Packet Storm
229987 7.1 危険 Vonage - Vonage Motorola Phone Adapter VT 2142-VD における盗聴される脆弱性 CWE-310
暗号の問題 		CVE-2007-5792 2012-12-20 18:33 2007-11-1 Show GitHub Exploit DB Packet Storm
229988 10 危険 Vonage - Vonage Motorola Phone Adapter VT 2142-VD における偽造された INVITE メッセージを送信される脆弱性 CWE-287
不適切な認証 		CVE-2007-5791 2012-12-20 18:33 2007-11-1 Show GitHub Exploit DB Packet Storm
229989 5 警告 phptoys - Micro Login System におけるパスワードを含むファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5787 2012-12-20 18:33 2007-11-1 Show GitHub Exploit DB Packet Storm
229990 6.8 警告 sige - Sift Unity の inc/sige_init.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5781 2012-12-20 18:33 2007-11-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223211 7.5 HIGH
Network 		rconfig rconfig A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later r… CWE-22
Path Traversal 		CVE-2019-19372 2024-11-21 13:34 2019-11-29 Show GitHub Exploit DB Packet Storm
223212 6.5 MEDIUM
Local 		linux
redhat
opensuse 		linux_kernel
enterprise_linux
leap 		In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/x… CWE-787
CWE-416
 Out-of-bounds Write
 Use After Free 		CVE-2019-19319 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223213 4.4 MEDIUM
Local 		linux
opensuse
canonical
debian
netapp 		linux_kernel
leap
ubuntu_linux
debian_linux
steelstore_cloud_integrated_storage
active_iq_unified_manager
data_availability_services
solidfire
hci_management_node
aff_a700s… 		In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags… CWE-416
 Use After Free 		CVE-2019-19318 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223214 6.1 MEDIUM
Network 		fusionpbx fusionpbx A cross-site scripting (XSS) vulnerability in app/fax/fax_files.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. CWE-79
Cross-site Scripting 		CVE-2019-19367 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223215 6.1 MEDIUM
Network 		fusionpbx fusionpbx A cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_search.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. CWE-79
Cross-site Scripting 		CVE-2019-19366 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223216 5.9 MEDIUM
Network 		sqlite
canonical
redhat
oracle
siemens 		sqlite
ubuntu_linux
enterprise_linux
mysql_workbench
sinec_infrastructure_network_services 		SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c. CWE-476
 NULL Pointer Dereference 		CVE-2019-19242 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223217 9.8 CRITICAL
Network 		haproxy
canonical
debian 		haproxy
ubuntu_linux
debian_linux 		The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Inte… CWE-74
Injection 		CVE-2019-19330 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223218 6.1 MEDIUM
Network 		wikimedia wikidata_query_gui In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07, when mathematical expressions in results are displayed directly, arbitrary JavaScript execution can occur, aka XSS. This was a… CWE-79
Cross-site Scripting 		CVE-2019-19329 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223219 6.1 MEDIUM
Network 		wikimedia wikidata_query_gui ui/editor/tooltip/Rdf.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection in tooltips for entities. NOTE: this GUI code is no longer bundled with the Wiki… CWE-79
Cross-site Scripting 		CVE-2019-19328 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm
223220 6.1 MEDIUM
Network 		wikimedia wikidata_query_gui ui/ResultView.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection when reporting the number of results and number of milliseconds. NOTE: this GUI code is … CWE-79
Cross-site Scripting 		CVE-2019-19327 2024-11-21 13:34 2019-11-28 Show GitHub Exploit DB Packet Storm