Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203621 7.4 重要
Network 		WordPress.org - WordPress の wp-includes/pluggable.php の wp_validate_redirect 関数におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2016-2221 2016-05-25 16:57 2016-02-2 Show GitHub Exploit DB Packet Storm
203622 6.1 警告
Network 		WordPress.org - WordPress の wp-includes/class-wp-theme.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1564 2016-05-25 16:57 2016-01-6 Show GitHub Exploit DB Packet Storm
203623 6.1 警告
Network 		WordPress.org - WordPress の wp-includes/wp-db.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-8834 2016-05-25 16:57 2015-05-6 Show GitHub Exploit DB Packet Storm
203624 5.4 警告
Network 		WordPress.org - WordPress のユーザリストのテーブルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-7989 2016-05-25 16:57 2015-09-15 Show GitHub Exploit DB Packet Storm
203625 4.3 警告
Network 		WordPress.org - WordPress の XMLRPC サブシステムの wp-includes/class-wp-xmlrpc-server.php の mw_editPost 関数におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-5715 2016-05-25 16:57 2015-09-15 Show GitHub Exploit DB Packet Storm
203626 4.3 警告
Network 		The PHP Group
Facebook		 - PHP の ext/zip/php_zip.c および HHVM の ext/zip/ext_zip.cpp の ZipArchive::extractTo 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-9767 2016-05-25 16:55 2014-09-10 Show GitHub Exploit DB Packet Storm
203627 9.8 緊急
Network 		The PHP Group - PHP の ext/standard/string.c の str_pad 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2016-4346 2016-05-25 16:28 2016-03-3 Show GitHub Exploit DB Packet Storm
203628 9.8 緊急
Network 		The PHP Group - PHP の ext/filter/sanitizing_filters.c の php_filter_encode_url 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2016-4345 2016-05-25 16:28 2016-03-3 Show GitHub Exploit DB Packet Storm
203629 9.8 緊急
Network 		The PHP Group - PHP の ext/xml/xml.c の xml_utf8_encode 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2016-4344 2016-05-25 16:28 2016-03-3 Show GitHub Exploit DB Packet Storm
203630 9.8 緊急
Network 		The PHP Group - PHP のフォーマットプリンタにおけるメモリ二重解放の脆弱性 CWE-Other
その他 		CVE-2015-8880 2016-05-25 16:28 2015-12-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348231 - vtiger vtiger_crm Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) description parameter in unspe… NVD-CWE-Other
CVE-2006-4587 2011-03-8 11:41 2006-09-7 Show GitHub Exploit DB Packet Storm
348232 - vtiger vtiger_crm vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access administrative modules via a direct request to index.php with a modified module parameter, as demon… NVD-CWE-Other
CVE-2006-4588 2011-03-8 11:41 2006-09-7 Show GitHub Exploit DB Packet Storm
348233 - bare_concept_media pheap_cms PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. NOTE: the provenan… NVD-CWE-Other
CVE-2006-4621 2011-03-8 11:41 2006-09-7 Show GitHub Exploit DB Packet Storm
348234 - alwil avast_antivirus Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and direc… NVD-CWE-Other
CVE-2006-4626 2011-03-8 11:41 2006-09-8 Show GitHub Exploit DB Packet Storm
348235 - alwil avast_antivirus This vulnerability is addressed in the following product releases: ALWIL, avast! antivirus, 4.7.869 (for Desktops) ALWIL, avast! antivirus, Server 4.7.660 (for Servers) NVD-CWE-Other
CVE-2006-4626 2011-03-8 11:41 2006-09-8 Show GitHub Exploit DB Packet Storm
348236 - uni-vert phpleague SQL injection vulnerability in consult/joueurs.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the id_joueur parameter. NOTE: the provenance … NVD-CWE-Other
CVE-2006-4643 2011-03-8 11:41 2006-09-9 Show GitHub Exploit DB Packet Storm
348237 - ibm director Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests an… NVD-CWE-Other
CVE-2006-4682 2011-03-8 11:41 2006-09-12 Show GitHub Exploit DB Packet Storm
348238 - ibm director This vulnerability is addressed in the following product release: IBM, Director, 5.10 NVD-CWE-Other
CVE-2006-4682 2011-03-8 11:41 2006-09-12 Show GitHub Exploit DB Packet Storm
348239 - ibm director IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE. NVD-CWE-Other
CVE-2006-4683 2011-03-8 11:41 2006-09-12 Show GitHub Exploit DB Packet Storm
348240 - zope zope The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary… NVD-CWE-Other
CVE-2006-4684 2011-03-8 11:41 2006-09-20 Show GitHub Exploit DB Packet Storm