Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199801	6.1	警告 Network	defa-online-image-protector project	-	WordPress 用 defa-online-image-protector プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000129	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

199802	6.1	警告 Network	anti-plagiarism project	-	WordPress 用 anti-plagiarism プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000128	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

199803	6.1	警告 Network	ajax-random-post project	-	WordPress 用 ajax-random-post プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000127	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

199804	6.1	警告 Network	Admin Font Editor	-	WordPress 用 Admin Font Editor プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000126	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

199805	7.5	重要 Network	OpenStack	-	複数の OpenStack 製品のイメージパーサにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-5162	2016-10-19 16:26	2015-04-27	Show	GitHub Exploit DB Packet Storm

199806	7.8	重要 Local	インテル	-	Intel SSD Toolbox の updater サブシステムにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-8101	2016-10-19 14:19	2016-10-4	Show	GitHub Exploit DB Packet Storm

199807	5.5	警告 Local	インテル	-	Intel Integrated Performance Primitives Cryptography における RSA 秘密鍵を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-8100	2016-10-19 14:19	2016-10-4	Show	GitHub Exploit DB Packet Storm

199808	7.8	重要 Local	マイクロソフト	-	Microsoft Windows 10 の Windows 診断ハブの標準コレクターサービスにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-7188	2016-10-18 18:11	2016-10-11	Show	GitHub Exploit DB Packet Storm

199809	9.8	緊急 Network	マイクロソフト	-	複数の Microsoft 製品の Graphics コンポーネントにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2016-7182	2016-10-18 18:11	2016-10-11	Show	GitHub Exploit DB Packet Storm

199810	7.8	重要 Local	マイクロソフト	-	複数の Microsoft 製品の Graphics Device Interface における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3396	2016-10-18 18:11	2016-10-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346911	-	-	-	Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or H…	NVD-CWE-Other	CVE-2005-4192	2011-03-8 11:27	2005-12-13	Show	GitHub Exploit DB Packet Storm

346912	-	innovateware	sights_n_sounds_streaming_media_server	Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string.	NVD-CWE-Other	CVE-2005-4194	2011-03-8 11:27	2005-12-13	Show	GitHub Exploit DB Packet Storm

346913	-	php_web_scripts	link_up_gold	Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) link parameter to tell_friend.php, (2) phrase[] paramet…	NVD-CWE-Other	CVE-2005-4231	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346914	-	powerdev	encapsgallery	SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2005-4234	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346915	-	whmcompletesolution	whmcompletesolution	Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters.	NVD-CWE-Other	CVE-2005-4235	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346916	-	cartkeeper	ckgold_shopping_cart	Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.	NVD-CWE-Other	CVE-2005-4236	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346917	-	servers-r-us	mysqlauction	Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword…	NVD-CWE-Other	CVE-2005-4237	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346918	-	mantis	mantis	Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter.	NVD-CWE-Other	CVE-2005-4238	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346919	-	php_jackknife	php_jackknife	Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sK…	NVD-CWE-Other	CVE-2005-4239	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

346920	-	vcd-db	vcd-db	Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter.	NVD-CWE-Other	CVE-2005-4241	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm