Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204611	7.5	重要 Network	WordPress.org	-	WordPress の oEmbed プロトコルの実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2016-5836	2016-06-30 15:31	2016-06-21	Show	GitHub Exploit DB Packet Storm

204612	7.5	重要 Network	WordPress.org	-	WordPress における重要なリビジョン履歴情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-5835	2016-06-30 15:31	2016-06-21	Show	GitHub Exploit DB Packet Storm

204613	6.1	警告 Network	WordPress.org	-	WordPress の wp-includes/post-template.php の wp_get_attachment_link 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5834	2016-06-30 15:31	2016-06-21	Show	GitHub Exploit DB Packet Storm

204614	6.1	警告 Network	WordPress.org	-	WordPress の wp-admin/includes/class-wp-media-list-table.php の column_title 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5833	2016-06-30 15:31	2016-06-21	Show	GitHub Exploit DB Packet Storm

204615	7.5	重要 Network	WordPress.org	-	WordPress のカスタマイザーにおけるリダイレクト制限を回避される脆弱性	CWE-noinfo 情報不足	CVE-2016-5832	2016-06-30 15:30	2016-06-21	Show	GitHub Exploit DB Packet Storm

204616	8.5	重要 Network	Fabrice Bellard	-	QEMU の hw/ide/ahci.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2016-1568	2016-06-30 15:10	2016-01-11	Show	GitHub Exploit DB Packet Storm

204617	7.5	危険	アップル Google サイボウズ VMware	-	libxml2 におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3919	2016-06-30 15:05	2012-01-5	Show	GitHub Exploit DB Packet Storm

204618	9.3	危険	アップル VMware xmlsoft.org オラクル	-	libxml および libxml2 の xpath.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1944	2016-06-30 15:05	2011-09-2	Show	GitHub Exploit DB Packet Storm

204619	5	警告	サイボウズ Google VMware	-	Google Chrome などで使用される libxml2 におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-3905	2016-06-30 15:05	2011-12-13	Show	GitHub Exploit DB Packet Storm

204620	7.5	危険	アップル Google サイボウズ	-	libxml2 におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-2821	2016-06-30 15:05	2011-08-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348961	-	iatek	portalapp	PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.	NVD-CWE-Other	CVE-2004-1786	2017-07-11 10:31	2004-01-4	Show	GitHub Exploit DB Packet Storm

348962	-	postnuke_software_foundation	postcalendar	SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.	NVD-CWE-Other	CVE-2004-1787	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348963	-	zyxel	zywall10	Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page.	NVD-CWE-Other	CVE-2004-1789	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348964	-	edimax	full_rate_adsl_router	Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL.	NVD-CWE-Other	CVE-2004-1790	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348965	-	yatsoft	switch_off	swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000).	NVD-CWE-Other	CVE-2004-1792	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348966	-	yatsoft	switch_off	Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.ht…	NVD-CWE-Other	CVE-2004-1793	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348967	-	vcard4j	vcard4j	Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard.	NVD-CWE-Other	CVE-2004-1794	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348968	-	hotnews	hotnews	PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) confi…	NVD-CWE-Other	CVE-2004-1796	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348969	-	-	-	Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.	NVD-CWE-Other	CVE-2004-1797	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348970	-	-	-	Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attackers to gain access via a crafted URL and a certain cookie.	NVD-CWE-Other	CVE-2004-1800	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm