Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197121	7.5	重要 Network	WSO2	-	WSO2 Identity Server の XACML フロー機能における XML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2016-4312	2017-03-7 16:17	2016-08-12	Show	GitHub Exploit DB Packet Storm

197122	8.8	重要 Network	WSO2	-	WSO2 Identity Server の XACML フロー機能におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2016-4311	2017-03-7 16:17	2016-08-12	Show	GitHub Exploit DB Packet Storm

197123	9.8	緊急 Network	Zend Technologies Ltd. Fedora Project	-	Zend Framework の Zend_Db_Select の order および group メソッドにおける SQL インジェクション攻撃を実行される脆弱性	CWE-89 SQLインジェクション	CVE-2016-6233	2017-03-7 15:36	2016-07-13	Show	GitHub Exploit DB Packet Storm

197124	5.9	警告 Network	Timo Sirainen	-	Dovecot の auth コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-8652	2017-03-7 15:29	2016-12-3	Show	GitHub Exploit DB Packet Storm

197125	6.1	警告 Network	Kabona AB	-	Kabona AB WebDatorCentral (WDC) アプリケーションにおける脆弱性	CWE-601 オープンリダイレクト	CVE-2016-8376	2017-03-7 15:18	2016-10-13	Show	GitHub Exploit DB Packet Storm

197126	8.2	重要 Network	Kabona AB	-	Kabona AB WebDatorCentral (WDC) アプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-8356	2017-03-7 15:18	2016-10-13	Show	GitHub Exploit DB Packet Storm

197127	9.8	緊急 Network	Algorithm	-	BINOM3 Universal Multifunctional Electric Power Quality Meter における脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2017-5167	2017-03-7 15:15	2017-01-31	Show	GitHub Exploit DB Packet Storm

197128	9.8	緊急 Network	Algorithm	-	BINOM3 Universal Multifunctional Electric Power Quality Meter におけるデバイスへのアクセス権を取得される脆弱性	CWE-200 情報漏えい	CVE-2017-5166	2017-03-7 15:15	2017-01-31	Show	GitHub Exploit DB Packet Storm

197129	7.6	重要 Network	Algorithm	-	BINOM3 Universal Multifunctional Electric Power Quality Meter におけるデバイス上で認証されていない操作を実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-5165	2017-03-7 15:15	2017-01-31	Show	GitHub Exploit DB Packet Storm

197130	6.1	警告 Network	Algorithm	-	BINOM3 Universal Multifunctional Electric Power Quality Meter におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-5164	2017-03-7 15:15	2017-01-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350011	-	ubuntu	ubuntu_linux	passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileg…	NVD-CWE-Other	CVE-2006-3378	2008-09-6 06:06	2006-07-7	Show	GitHub Exploit DB Packet Storm

350012	-	amule	amule	Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal.	NVD-CWE-Other	CVE-2006-2692	2008-09-6 06:05	2006-05-31	Show	GitHub Exploit DB Packet Storm

350013	-	amule	amule	Successful exploitation requires that the full pathname of the file is known. This vulnerability is addressed in the following product release: aMule, aMule, 2.1.2	NVD-CWE-Other	CVE-2006-2692	2008-09-6 06:05	2006-05-31	Show	GitHub Exploit DB Packet Storm

350014	-	jetty	jetty	Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2…	CWE-22 Path Traversal	CVE-2006-2758	2008-09-6 06:05	2006-06-2	Show	GitHub Exploit DB Packet Storm

350015	-	jetty	jetty	jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.	NVD-CWE-Other	CVE-2006-2759	2008-09-6 06:05	2006-06-2	Show	GitHub Exploit DB Packet Storm

350016	-	xiti	xiti_tracking_script	Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote attackers to inject arbitrary web script or HTML via (1) the xtref parameter in xiti.js and (2) an …	NVD-CWE-Other	CVE-2006-2795	2008-09-6 06:05	2006-06-3	Show	GitHub Exploit DB Packet Storm

350017	-	jelsoft	vbulletin	SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter.	NVD-CWE-Other	CVE-2006-2805	2008-09-6 06:05	2006-06-3	Show	GitHub Exploit DB Packet Storm

350018	-	visiongate	visiongate_portal_system	Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Portal System allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: The provenance of t…	NVD-CWE-Other	CVE-2006-2846	2008-09-6 06:05	2006-06-7	Show	GitHub Exploit DB Packet Storm

350019	-	skoom	i.list	Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php. NOTE: the provenance of th…	NVD-CWE-Other	CVE-2006-2957	2008-09-6 06:05	2006-06-13	Show	GitHub Exploit DB Packet Storm

350020	-	arantius	vice_stats	SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972.	NVD-CWE-Other	CVE-2006-2981	2008-09-6 06:05	2006-06-13	Show	GitHub Exploit DB Packet Storm