Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199721 6.1 警告
Network 		ViewVC
Debian
openSUSE project		 - ViewVC の lib/viewvc.py の nav_path 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5938 2017-04-7 18:13 2017-01-25 Show GitHub Exploit DB Packet Storm
199722 7.5 重要
Network 		The PHP Group - PHP におけるスクリプトファイルのアクセス権を無効にされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-8994 2017-04-7 18:07 2015-02-20 Show GitHub Exploit DB Packet Storm
199723 9.9 緊急
Network 		Softaculous - Softaculous Virtualizor の WHMCS Reseller モジュールにおける Virtualizor が管理する他の仮想マシンを制御される脆弱性 CWE-275
パーミッションの問題 		CVE-2017-6513 2017-04-7 17:39 2017-03-10 Show GitHub Exploit DB Packet Storm
199724 7.4 重要
Network 		シーメンス - Siemens SINUMERIK Integrate Operate Client における TLS セッションのデータを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2017-2685 2017-04-7 17:23 2017-03-1 Show GitHub Exploit DB Packet Storm
199725 7.8 重要
Local 		eParaksts - eParakstitajs 3 および eParaksts Java lib における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-6055 2017-04-7 17:15 2017-01-27 Show GitHub Exploit DB Packet Storm
199726 8.9 重要
Network 		St. Jude Medical - St. Jude Medical Merlin@home における特定のエンドポイント間のコミュニケーションにアクセスされる脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-5149 2017-04-7 17:07 2017-01-9 Show GitHub Exploit DB Packet Storm
199727 5.5 警告
Local 		PoDoFo project - PoDoFo の PdfColor.cpp の PoDoFo::PdfColorGray::~PdfColorGray 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6849 2017-04-7 16:52 2017-03-2 Show GitHub Exploit DB Packet Storm
199728 5.5 警告
Local 		PoDoFo project - PoDoFo の PdfXObject.cpp の PoDoFo::PdfXObject::PdfXObject 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6848 2017-04-7 16:52 2017-03-2 Show GitHub Exploit DB Packet Storm
199729 5.5 警告
Local 		PoDoFo project - PoDoFo の PdfVariant.h の PoDoFo::PdfVariant::DelayedLoad 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6847 2017-04-7 16:52 2017-03-2 Show GitHub Exploit DB Packet Storm
199730 5.5 警告
Local 		PoDoFo project - PoDoFo の graphicsstack.h の GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6846 2017-04-7 16:52 2017-03-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
357091 - openbsd openbsd The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/. NVD-CWE-Other
CVE-2006-0098 2008-09-6 05:58 2006-01-6 Show GitHub Exploit DB Packet Storm
357092 - enhanced_simple_php_gallery enhanced_simple_php_gallery Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the full path of the application via a direct request to sp_helper_functions.php, which leaks the pathname in an error message. NVD-CWE-Other
CVE-2006-0113 2008-09-6 05:58 2006-01-7 Show GitHub Exploit DB Packet Storm
357093 - rockliffe mailsite Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier allows remote attackers to attempt authentication with an unlimited number of user account names … NVD-CWE-Other
CVE-2006-0130 2008-09-6 05:58 2006-01-9 Show GitHub Exploit DB Packet Storm
357094 - amsn amsn aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the defaul… NVD-CWE-Other
CVE-2006-0138 2008-09-6 05:58 2006-01-9 Show GitHub Exploit DB Packet Storm
357095 - simpbook simpbook Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with html_enable on (the default), allows remote attackers to inject arbitrary web script or HTML via the message field. NVD-CWE-Other
CVE-2006-0149 2008-09-6 05:58 2006-01-10 Show GitHub Exploit DB Packet Storm
357096 - reamday_enterprises magic_news_plus settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_pas… NVD-CWE-Other
CVE-2006-0157 2008-09-6 05:58 2006-01-10 Show GitHub Exploit DB Packet Storm
357097 - qualityebiz quality_ppc Cross-site scripting (XSS) vulnerability in admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. NOTE: t… NVD-CWE-Other
CVE-2006-0215 2008-09-6 05:58 2006-01-17 Show GitHub Exploit DB Packet Storm
357098 - qualityebiz quality_ppc admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to obtain sensitive information, possibly the installation path of the application, via unspecified "meta characters… NVD-CWE-Other
CVE-2006-0216 2008-09-6 05:58 2006-01-17 Show GitHub Exploit DB Packet Storm
357099 - joomla joomla Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and atta… NVD-CWE-Other
CVE-2006-0303 2008-09-6 05:58 2006-01-19 Show GitHub Exploit DB Packet Storm
357100 - chitta mimicboard_2 Multiple cross-site scripting (XSS) vulnerabilities in mimic2.cgi in mimicboard2 (Mimic2) 086 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters asso… NVD-CWE-Other
CVE-2005-4858 2008-09-6 05:58 2005-12-31 Show GitHub Exploit DB Packet Storm