Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246541 4.3 警告 Drupal - Drupal 用の Shoutbox モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6298 2012-06-26 15:54 2007-12-5 Show GitHub Exploit DB Packet Storm
246542 9.3 危険 Xiph.Org - FLAC libFLAC における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2007-6279 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
246543 9.3 危険 アドビシステムズ - Adobe Form Designer および Form Client におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6253 2012-06-26 15:54 2008-03-11 Show GitHub Exploit DB Packet Storm
246544 9.3 危険 マイクロソフト
AOL		 - AmpX.dll で使用される AOLMediaPlaybackControl.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6250 2012-06-26 15:54 2008-01-9 Show GitHub Exploit DB Packet Storm
246545 9.3 危険 Xiph.Org - FLAC libFLAC におけるクライアントに任意のファイルを強制ダウンロードされる脆弱性 CWE-20
CWE-264
CVE-2007-6278 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
246546 9.3 危険 Xiph.Org - FLAC libFLAC におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6277 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
246547 7.5 危険 bcoos - bcoos の modules/adresses/ratefile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6275 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
246548 4.3 警告 bcoos - bcoos の Event Calendar の modules/ecal/display.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6274 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
246549 2.1 注意 シトリックス・システムズ - Citrix EdgeSight for Presentation Server などの製品における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2007-6267 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
246550 7.5 危険 bcoos - bcoos における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6266 2012-06-26 15:54 2007-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
220241 5.3 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.3.0 does not require user interaction to import public keys shown on web page. This functionality can be tricked to either hide a key import from the user or obscure which key w… CWE-320
 Key Management Errors 		CVE-2019-9150 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
220242 6.5 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary m… CWE-347
CWE-863
 Improper Verification of Cryptographic Signature
 Incorrect Authorization 		CVE-2019-9149 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
220243 4.3 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows importing keys that contain users without a valid self-certification. Keys that are obviously invalid are… CWE-295
Improper Certificate Validation  		CVE-2019-9148 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
220244 4.3 MEDIUM
Network 		mailvelope mailvelope Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As the settings page is intended to be accessible from web applications, the browser's extension isolation … CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2019-9147 2024-11-21 13:51 2019-07-10 Show GitHub Exploit DB Packet Storm
220245 9.8 CRITICAL
Network 		jetbrains intellij_idea In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server … CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2019-9186 2024-11-21 13:51 2019-07-4 Show GitHub Exploit DB Packet Storm
220246 5.7 MEDIUM
Adjacent 		gemalto ezio_ds3_server Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control. CWE-294
Authentication Bypass by Capture-replay  		CVE-2019-9158 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
220247 5.7 MEDIUM
Adjacent 		gemalto ezio_ds3_server Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure. CWE-22
Path Traversal 		CVE-2019-9157 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
220248 8.0 HIGH
Adjacent 		gemalto ezio_ds3_server Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection. CWE-78
OS Command  		CVE-2019-9156 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
220249 8.8 HIGH
Network 		primasystems flexair Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately execu… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9189 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm
220250 7.5 HIGH
Network 		ikiwiki ikiwiki ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2019-9187 2024-11-21 13:51 2019-06-6 Show GitHub Exploit DB Packet Storm