Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206811	7.8	重要 Local	マイクロソフト	-	Microsoft Windows 10 における管理者のアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3346	2016-09-15 15:29	2016-09-13	Show	GitHub Exploit DB Packet Storm

206812	7.8	重要 Local	マイクロソフト	-	Microsoft Windows 10 の Graphics Device Interface における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3356	2016-09-15 13:42	2016-09-13	Show	GitHub Exploit DB Packet Storm

206813	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品の Graphics Device Interface における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3355	2016-09-15 13:42	2016-09-13	Show	GitHub Exploit DB Packet Storm

206814	3.3	低 Local	マイクロソフト	-	複数の Microsoft Windows 製品の Graphics Device Interface における ASLR 保護メカニズムを回避される脆弱性	CWE-Other その他	CVE-2016-3354	2016-09-15 13:42	2016-09-13	Show	GitHub Exploit DB Packet Storm

206815	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3349	2016-09-15 13:42	2016-09-13	Show	GitHub Exploit DB Packet Storm

206816	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3348	2016-09-15 13:42	2016-09-13	Show	GitHub Exploit DB Packet Storm

206817	7.5	重要 Network	マイクロソフト	-	Microsoft Edge の Chakra JavaScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3377	2016-09-15 12:30	2016-09-13	Show	GitHub Exploit DB Packet Storm

206818	7.5	重要 Network	マイクロソフト	-	Microsoft Edge の Chakra JavaScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3350	2016-09-15 12:30	2016-09-13	Show	GitHub Exploit DB Packet Storm

206819	7.5	重要 Network	マイクロソフト	-	Microsoft Edge における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3330	2016-09-15 12:30	2016-09-13	Show	GitHub Exploit DB Packet Storm

206820	7.5	重要 Network	マイクロソフト	-	Microsoft Edge における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3294	2016-09-15 12:30	2016-09-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345921	-	jetbox	jetbox_cms	Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message.	NVD-CWE-Other	CVE-2006-4740	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345922	-	idevspot	phplinkexchange	PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter.	NVD-CWE-Other	CVE-2006-4741	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345923	-	idevspot	phplinkexchange	Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.	NVD-CWE-Other	CVE-2006-4742	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345924	-	wordpress	wordpress	WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6)…	NVD-CWE-Other	CVE-2006-4743	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345925	-	abidia	abidia_wireless o-anywhere	Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing.	NVD-CWE-Other	CVE-2006-4744	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345926	-	scarybear	pocketexpense_pro	ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file…	NVD-CWE-Other	CVE-2006-4745	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345927	-	comscripts	web_server_creator	PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter.	NVD-CWE-Other	CVE-2006-4746	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345928	-	idevspot	textads	Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error paramete…	NVD-CWE-Other	CVE-2006-4747	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345929	-	f-art_agency	blog_cms	Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin…	NVD-CWE-Other	CVE-2006-4748	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm

345930	-	bugada_andrea	php_advanced_transfer_manager	Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activa…	NVD-CWE-Other	CVE-2006-4749	2018-10-18 06:39	2006-09-14	Show	GitHub Exploit DB Packet Storm