Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 30, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 250491 | 4.3 | 警告 | バッファロー | - | Buffalo AirStation WHR-G54S のデバイス管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2007-4822 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250492 | 9.3 | 危険 | EdrawSoft | - | EDraw Office Viewer コンポーネントの officeviewer.ocx におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2007-4821 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250493 | 7.5 | 危険 | detodas | - | Joomla! 用の Restaurante コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2007-4817 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250494 | 7.5 | 危険 | baofeng | - | Mps.dll の BaoFeng2 storm ActiveX コントロールにおけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2007-4816 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250495 | 4.3 | 警告 | domino blogsphere | - | Domino Blogsphere におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2007-4813 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250496 | 7.5 | 危険 | focus-sis | - | Focus/SIS における PHP リモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2007-4807 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250497 | 7.5 | 危険 | focus-sis | - | Focus/SIS の modules/Discipline/CategoryBreakdownTime.php における PHP リモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2007-4806 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250498 | 7.5 | 危険 | fuzzylime | - | fuzzylime (cms) の getgalldata.php におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2007-4805 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250499 | 7.5 | 危険 | AuraCMS | - | AuraCMS における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2007-4804 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
| 250500 | 6.8 | 警告 | Atomix Productions | - | AtomixMP3 におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2007-4803 | 2012-06-26 15:54 | 2007-09-11 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 30, 2026, 4:22 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 247251 | 9.8 |
CRITICAL
Network |
microfocus | solutions_business_manager | Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. |
CWE-94
Code Injection |
CVE-2018-19641 | 2024-11-21 12:58 | 2019-03-28 | Show | GitHub Exploit DB Packet Storm |
| 247252 | 7.5 |
HIGH
Network |
gitlab | gitlab | GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API. |
CWE-22
Path Traversal |
CVE-2018-19856 | 2024-11-21 12:58 | 2019-03-27 | Show | GitHub Exploit DB Packet Storm |
| 247253 | 4.6 |
MEDIUM
Physics |
linux debian netapp |
linux_kernel debian_linux element_software_management_node active_iq_performance_analytics_services |
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-… |
CWE-125
Out-of-bounds Read |
CVE-2018-19985 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247254 | 4.8 |
MEDIUM
Network |
solarwinds | serv-u_ftp_server | SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter. |
CWE-79
Cross-site Scripting |
CVE-2018-19934 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247255 | 6.1 |
MEDIUM
Network |
microweber | microweber | Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities. |
CWE-79
Cross-site Scripting |
CVE-2018-19917 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247256 | 5.5 |
MEDIUM
Local |
qt opensuse fedoraproject |
qt leap fedora |
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. |
CWE-369
Divide By Zero |
CVE-2018-19872 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247257 | 9.8 |
CRITICAL
Network |
kentix | multisensor-lan_firmware | Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel. |
CWE-287
Improper Authentication |
CVE-2018-19783 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247258 | 6.1 |
MEDIUM
Network |
hms-networks |
netbiter_ws100_firmware netbiter_ws200_firmware netbiter_ec150_firmware netbiter_ec250_firmware netbiter_lc310_firmware netbiter_lc310_thingworx_firmware netbiter_lc350_firmware … |
HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form. |
CWE-79
Cross-site Scripting |
CVE-2018-19694 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247259 | 6.1 |
MEDIUM
Network |
systrome |
cumilon_isg-600c_firmware cumilon_isg-600h_firmware cumilon_isg-800w_firmware |
An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. There is CSRF via /ui/?g=obj_keywords_add and /ui/?g=obj_keywords_addsave with resultant XSS … |
CWE-352 CWE-79 Origin Validation Error Cross-site Scripting |
CVE-2018-19525 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 247260 | 9.8 |
CRITICAL
Network |
skyworthdigital |
dt740_firmware dt721-cb_firmware dt741-cb_firmware |
An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function … |
CWE-20
Improper Input Validation |
CVE-2018-19524 | 2024-11-21 12:58 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |