Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250281 7.5 危険 guanxicrm - guanxiCRM Business Solution の modules/webmail2/inc/rfc822.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5096 2012-06-26 15:54 2007-09-26 Show GitHub Exploit DB Packet Storm
250282 4.3 警告 EGroupware - eGroupWare におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5091 2012-06-26 15:54 2007-09-26 Show GitHub Exploit DB Packet Storm
250283 6.8 警告 CA Technologies - CA BrightStor HSM における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5084 2012-06-26 15:54 2007-09-26 Show GitHub Exploit DB Packet Storm
250284 10 危険 CA Technologies - CA BrightStor HSM における整数オーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5083 2012-06-26 15:54 2007-09-26 Show GitHub Exploit DB Packet Storm
250285 10 危険 CA Technologies - CA BrightStor HSM におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5082 2012-06-26 15:54 2007-09-26 Show GitHub Exploit DB Packet Storm
250286 4.3 警告 egov - eGov Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5078 2012-06-26 15:54 2007-10-4 Show GitHub Exploit DB Packet Storm
250287 4.3 警告 Alexander Palmo - SPHPBlog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5072 2012-06-26 15:54 2007-09-24 Show GitHub Exploit DB Packet Storm
250288 7.5 危険 Alexander Palmo - Simple PHP Blog の upload_img_cgi.php における任意のコードを実行される脆弱性 CWE-16
環境設定 		CVE-2007-5071 2012-06-26 15:54 2007-09-24 Show GitHub Exploit DB Packet Storm
250289 5 警告 adam scheinberg - Adam Scheinberg Flip におけるログイン資格情報を含むファイルをダウンロードされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2007-5063 2012-06-26 15:54 2007-09-24 Show GitHub Exploit DB Packet Storm
250290 7.5 危険 adam scheinberg - Adam Scheinberg Flip の account.php における管理者アカウントを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5062 2012-06-26 15:54 2007-09-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247641 6.1 MEDIUM
Network 		media_file_manager_project media_file_manager The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. CWE-79
Cross-site Scripting 		CVE-2018-19041 2024-11-21 12:57 2019-02-1 Show GitHub Exploit DB Packet Storm
247642 5.3 MEDIUM
Network 		media_file_manager_project media_file_manager The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. CWE-22
Path Traversal 		CVE-2018-19040 2024-11-21 12:57 2019-02-1 Show GitHub Exploit DB Packet Storm
247643 7.8 HIGH
Local 		omron cx-protocol
cx-one 		Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project fi… CWE-704
 Incorrect Type Conversion or Cast 		CVE-2018-19027 2024-11-21 12:57 2019-01-31 Show GitHub Exploit DB Packet Storm
247644 5.3 MEDIUM
Network 		arm trusted_firmware-a ARM Trusted Firmware-A allows information disclosure. CWE-200
Information Exposure 		CVE-2018-19440 2024-11-21 12:57 2019-01-31 Show GitHub Exploit DB Packet Storm
247645 6.5 MEDIUM
Adjacent 		draeger kappa_firmware
infinity_explorer_c700_firmware
delta_xl_firmware
infinity_delta_firmware 		Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Log files are accessible over an unauthenticated network con… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2018-19014 2024-11-21 12:57 2019-01-29 Show GitHub Exploit DB Packet Storm
247646 6.5 MEDIUM
Adjacent 		draeger kappa_firmware
infinity_explorer_c700_firmware
delta_xl_firmware
infinity_delta_firmware 		Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. A malformed network packet may cause the monitor to reboot. … CWE-20
 Improper Input Validation  		CVE-2018-19010 2024-11-21 12:57 2019-01-29 Show GitHub Exploit DB Packet Storm
247647 7.8 HIGH
Local 		draeger kappa_firmware
infinity_explorer_c700_firmware
delta_xl_firmware
infinity_delta_firmware 		Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kio… NVD-CWE-noinfo
CVE-2018-19012 2024-11-21 12:57 2019-01-29 Show GitHub Exploit DB Packet Storm
247648 7.3 HIGH
Local 		omron cx-supervisor An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. An attacker could exploit t… CWE-78
OS Command  		CVE-2018-19015 2024-11-21 12:57 2019-01-29 Show GitHub Exploit DB Packet Storm
247649 8.8 HIGH
Adjacent 		hetronic nova-m_firmware
es-can-hl_firmware
bms-hl_firmware
mlc_firmware
dc_mobile_firmware 		Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or ke… CWE-287
Improper Authentication 		CVE-2018-19023 2024-11-21 12:57 2019-01-26 Show GitHub Exploit DB Packet Storm
247650 6.5 MEDIUM
Adjacent 		emerson deltav A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker t… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2018-19021 2024-11-21 12:57 2019-01-26 Show GitHub Exploit DB Packet Storm