Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204361	9.8	緊急 Network	Chef Software, Inc.	-	Chef Manage に Cookie のデシリアライズ処理に関する脆弱性	CWE-Other その他	CVE-2016-4326	2016-06-14 16:08	2016-05-17	Show	GitHub Exploit DB Packet Storm

204362	7.5	重要 Network	IDERA, Inc.	-	Uptime Infrastructure Monitor (旧称 up.time) の Linux 向けエージェントに認証欠如の問題	CWE-200 CWE-Other	CVE-2015-8268	2016-06-14 16:08	2016-05-19	Show	GitHub Exploit DB Packet Storm

204363	7.1	重要 Local	Debian Spice Project レッドハット	-	SPICE における任意のホストメモリ領域から読み書きされる脆弱性	CWE-Other その他	CVE-2016-2150	2016-06-14 16:01	2016-06-6	Show	GitHub Exploit DB Packet Storm

204364	9.8	緊急 Network	Debian Spice Project レッドハット	-	SPICE のスマートカードのインタラクションにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-0749	2016-06-14 16:01	2016-06-6	Show	GitHub Exploit DB Packet Storm

204365	6.1	警告 Network	VMware	-	Windows 上で稼動する VMware vCenter Server の Web Client におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-2078	2016-06-14 14:18	2016-05-24	Show	GitHub Exploit DB Packet Storm

204366	8.8	重要 Network	KMC Controls	-	KMC Controls BAC-5051E デバイスのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2016-4494	2016-06-14 14:12	2016-06-7	Show	GitHub Exploit DB Packet Storm

204367	7.5	重要 Network	ClamAV シスコシステムズ	-	Cisco E メールセキュリティアプライアンスおよび Web セキュリティアプライアンスデバイスで使用される ClamAV におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1405	2016-06-14 14:05	2016-05-31	Show	GitHub Exploit DB Packet Storm

204368	7.5	重要 Network	シスコシステムズ	-	Cisco IP Phone 8800 デバイスの Web アプリケーションにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1421	2016-06-14 13:55	2016-06-9	Show	GitHub Exploit DB Packet Storm

204369	7.8	重要 Local	シスコシステムズ	-	Cisco Application Policy Infrastructure Controller デバイスのソフトウェアにおける root アクセス権を取得される脆弱性	CWE-noinfo 情報不足	CVE-2016-1420	2016-06-14 13:55	2016-06-9	Show	GitHub Exploit DB Packet Storm

204370	9.8	緊急 Network	GNU Project openSUSE project	-	GNU C Library の sunrpc/clnt_udp.c の clntudp_call 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-20 不適切な入力確認	CVE-2016-4429	2016-06-14 12:23	2016-05-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
352561	-	jetty	jetty	Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2…	CWE-22 Path Traversal	CVE-2006-2758	2008-09-6 06:05	2006-06-2	Show	GitHub Exploit DB Packet Storm

352562	-	jetty	jetty	jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.	NVD-CWE-Other	CVE-2006-2759	2008-09-6 06:05	2006-06-2	Show	GitHub Exploit DB Packet Storm

352563	-	xiti	xiti_tracking_script	Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote attackers to inject arbitrary web script or HTML via (1) the xtref parameter in xiti.js and (2) an …	NVD-CWE-Other	CVE-2006-2795	2008-09-6 06:05	2006-06-3	Show	GitHub Exploit DB Packet Storm

352564	-	jelsoft	vbulletin	SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter.	NVD-CWE-Other	CVE-2006-2805	2008-09-6 06:05	2006-06-3	Show	GitHub Exploit DB Packet Storm

352565	-	visiongate	visiongate_portal_system	Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Portal System allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: The provenance of t…	NVD-CWE-Other	CVE-2006-2846	2008-09-6 06:05	2006-06-7	Show	GitHub Exploit DB Packet Storm

352566	-	skoom	i.list	Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php. NOTE: the provenance of th…	NVD-CWE-Other	CVE-2006-2957	2008-09-6 06:05	2006-06-13	Show	GitHub Exploit DB Packet Storm

352567	-	arantius	vice_stats	SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972.	NVD-CWE-Other	CVE-2006-2981	2008-09-6 06:05	2006-06-13	Show	GitHub Exploit DB Packet Storm

352568	-	vizra	vizra	Cross-site scripting (XSS) vulnerability in a_login.php in Vizra allows remote attackers to inject arbitrary web script or HTML via the message parameter.	NVD-CWE-Other	CVE-2006-2365	2008-09-6 06:04	2006-05-16	Show	GitHub Exploit DB Packet Storm

352569	-	unclassified_newsboard	unclassified_newsboard	Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include ar…	NVD-CWE-Other	CVE-2006-2406	2008-09-6 06:04	2006-05-16	Show	GitHub Exploit DB Packet Storm

352570	-	pioneers	pioneers_meta-server	Pioneers meta-server before 0.9.55, when the server-console is not installed, allows remote attackers to cause a denial of service (crash) via certain requests from an older gnocatan client to create…	NVD-CWE-Other	CVE-2006-2441	2008-09-6 06:04	2006-05-18	Show	GitHub Exploit DB Packet Storm