Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251491 7.5 危険 grafxsoftware - CWB PRO における PHP リモートファイルインクルーションの脆弱性 - CVE-2007-1809 2012-06-26 15:46 2007-04-2 Show GitHub Exploit DB Packet Storm
251492 7.5 危険 camportail - Camportail の show.php における SQL インジェクションの脆弱性 - CVE-2007-1808 2012-06-26 15:46 2007-04-2 Show GitHub Exploit DB Packet Storm
251493 7.5 危険 シスコシステムズ - Cisco Secure ACS におけるネットワークアクセス権を取得される脆弱性 - CVE-2007-1800 2012-06-26 15:46 2007-03-30 Show GitHub Exploit DB Packet Storm
251494 7.5 危険 alexscriptengine - Picture-Engine の wall.php における SQL インジェクションの脆弱性 - CVE-2007-1791 2012-06-26 15:46 2007-03-31 Show GitHub Exploit DB Packet Storm
251495 6.8 警告 Flyspray - Flyspray における重要な情報 (プライベートプロジェクトの概要) を取得される脆弱性 - CVE-2007-1789 2012-06-26 15:46 2007-03-31 Show GitHub Exploit DB Packet Storm
251496 6.8 警告 Flyspray - Flyspray における認証を回避される脆弱性 - CVE-2007-1788 2012-06-26 15:46 2007-03-16 Show GitHub Exploit DB Packet Storm
251497 7.1 危険 CA Technologies - CA BrightStor ARCserve Backup の RPC サービスにおける任意のコードを実行される脆弱性 - CVE-2007-1785 2012-06-26 15:46 2007-03-30 Show GitHub Exploit DB Packet Storm
251498 7.5 危険 advanced website creator - AWC の MySQL バックエンドにおける SQL インジェクションの脆弱性 - CVE-2007-1779 2012-06-26 15:46 2007-03-29 Show GitHub Exploit DB Packet Storm
251499 10 危険 eve-nuke - PHP-Nuke のEN-Forums モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1778 2012-06-26 15:46 2007-03-29 Show GitHub Exploit DB Packet Storm
251500 6.8 警告 designforjoomla - Joomla! 用の DesignForJoomla.com D4J eZine コンポーネントの index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2007-1776 2012-06-26 15:46 2007-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247811 4.8 MEDIUM
Network
phome empirecms admin\db\DoSql.php in EmpireCMS through 7.5 allows XSS via crafted SQL syntax to admin/admin.php. CWE-79
Cross-site Scripting
CVE-2018-19461 2024-11-21 12:57 2019-06-8 Show GitHub Exploit DB Packet Storm
247812 7.8 HIGH
Local
foxitsoftware foxit_pdf_sdk_activex A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can le… CWE-416
 Use After Free
CVE-2018-19452 2024-11-21 12:57 2019-06-8 Show GitHub Exploit DB Packet Storm
247813 7.8 HIGH
Local
foxitsoftware foxit_pdf_sdk_activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. An attacker can leverage this to gain r… CWE-77
Command Injection
CVE-2018-19451 2024-11-21 12:57 2019-06-8 Show GitHub Exploit DB Packet Storm
247814 6.1 MEDIUM
Network
mycolorway simditor Simditor through 2.3.21 allows DOM XSS via an onload attribute within a malformed SVG element. CWE-79
Cross-site Scripting
CVE-2018-19048 2024-11-21 12:57 2019-05-13 Show GitHub Exploit DB Packet Storm
247815 7.5 HIGH
Network
virginmedia hub_3.0_firmware On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable t… CWE-400
 Uncontrolled Resource Consumption
CVE-2018-19037 2024-11-21 12:57 2019-05-13 Show GitHub Exploit DB Packet Storm
247816 7.5 HIGH
Network
wplaunchpad
opensuse
wpbackupplus
leap
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. CWE-200
Information Exposure
CVE-2018-19456 2024-11-21 12:57 2019-05-8 Show GitHub Exploit DB Packet Storm
247817 7.0 HIGH
Local
zohocorp manageengine_admanager_plus Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory. CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2018-19374 2024-11-21 12:57 2019-05-1 Show GitHub Exploit DB Packet Storm
247818 8.8 HIGH
Network
gitlab gitlab GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control. NVD-CWE-noinfo
CVE-2018-19359 2024-11-21 12:57 2019-04-26 Show GitHub Exploit DB Packet Storm
247819 9.8 CRITICAL
Network
neatorobotics botvac_connected_firmware A Buffer Overflow in Network::AuthenticationClient::VerifySignature in /bin/astro in Neato Botvac Connected 2.2.0 allows a remote attacker to execute arbitrary code with root privileges via a crafted… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-19442 2024-11-21 12:57 2019-04-26 Show GitHub Exploit DB Packet Storm
247820 6.1 MEDIUM
Network
mybb mybb A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the 'upsetting[bburl]' parameter. CWE-79
Cross-site Scripting
CVE-2018-19202 2024-11-21 12:57 2019-04-12 Show GitHub Exploit DB Packet Storm