Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
208941 6.1 警告
Network
John Dyer
WordPress.org
- WordPress で使用される MediaElement.js の flash/FlashMediaElement.as におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-4567 2016-05-25 16:57 2016-05-5 Show GitHub Exploit DB Packet Storm
208942 6.1 警告
Network
WordPress.org
Moxiecode Systems
- WordPress で使用される Plupload の plupload.flash.swf におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-4566 2016-05-25 16:57 2016-05-15 Show GitHub Exploit DB Packet Storm
208943 8.6 重要
Network
WordPress.org - WordPress の wp-includes/http.php の wp_http_validate_url 関数におけるサーバサイドのリクエストフォージェリ攻撃を実行される脆弱性 CWE-Other
その他
CVE-2016-2222 2016-05-25 16:57 2016-02-2 Show GitHub Exploit DB Packet Storm
208944 7.4 重要
Network
WordPress.org - WordPress の wp-includes/pluggable.php の wp_validate_redirect 関数におけるオープンリダイレクトの脆弱性 CWE-Other
その他
CVE-2016-2221 2016-05-25 16:57 2016-02-2 Show GitHub Exploit DB Packet Storm
208945 6.1 警告
Network
WordPress.org - WordPress の wp-includes/class-wp-theme.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1564 2016-05-25 16:57 2016-01-6 Show GitHub Exploit DB Packet Storm
208946 6.1 警告
Network
WordPress.org - WordPress の wp-includes/wp-db.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-8834 2016-05-25 16:57 2015-05-6 Show GitHub Exploit DB Packet Storm
208947 5.4 警告
Network
WordPress.org - WordPress のユーザリストのテーブルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-7989 2016-05-25 16:57 2015-09-15 Show GitHub Exploit DB Packet Storm
208948 4.3 警告
Network
WordPress.org - WordPress の XMLRPC サブシステムの wp-includes/class-wp-xmlrpc-server.php の mw_editPost 関数におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2015-5715 2016-05-25 16:57 2015-09-15 Show GitHub Exploit DB Packet Storm
208949 4.3 警告
Network
The PHP Group
Facebook
- PHP の ext/zip/php_zip.c および HHVM の ext/zip/ext_zip.cpp の ZipArchive::extractTo 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2014-9767 2016-05-25 16:55 2014-09-10 Show GitHub Exploit DB Packet Storm
208950 9.8 緊急
Network
The PHP Group - PHP の ext/standard/string.c の str_pad 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2016-4346 2016-05-25 16:28 2016-03-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345571 - mozilla
canonical
firefox
mozilla_suite
seamonkey
thunderbird
ubuntu_linux
Fixed in: Firefox 1.5.0.2 Firefox 1.0.8 Thunderbird 1.5.0.2 Thunderbird 1.0.8 SeaMonkey 1.0.1 Mozilla Suite 1.7.13 NVD-CWE-noinfo
CVE-2006-1728 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345572 - mozilla
canonical
firefox
mozilla_suite
seamonkey
ubuntu_linux
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename… CWE-20
 Improper Input Validation 
CVE-2006-1729 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345573 - mozilla
canonical
firefox
mozilla_suite
seamonkey
ubuntu_linux
Fixed in: Firefox 1.5.0.2 Firefox 1.0.8 SeaMonkey 1.0.1 Mozilla Suite 1.7.13 CWE-20
 Improper Input Validation 
CVE-2006-1729 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345574 - mozilla firefox
mozilla_suite
seamonkey
thunderbird
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary cod… CWE-189
Numeric Errors
CVE-2006-1730 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345575 - mozilla firefox
mozilla_suite
seamonkey
thunderbird
Fixed in: Firefox 1.5.0.2 Firefox 1.0.8 Thunderbird 1.5.0.2 Thunderbird 1.0.8 SeaMonkey 1.0.1 Mozilla Suite 1.7.13 CWE-189
Numeric Errors
CVE-2006-1730 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345576 - mozilla firefox
mozilla_suite
seamonkey
thunderbird
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object whe… CWE-79
Cross-site Scripting
CVE-2006-1731 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345577 - mozilla firefox
mozilla_suite
seamonkey
thunderbird
Fixed in: Firefox 1.5 Firefox 1.0.8 Thunderbird 1.5 Thunderbird 1.0.8 SeaMonkey 1.0 Mozilla Suite 1.7.13 CWE-79
Cross-site Scripting
CVE-2006-1731 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345578 - mozilla firefox
seamonkey
thunderbird
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin… NVD-CWE-Other
CVE-2006-1732 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345579 - mozilla firefox
seamonkey
thunderbird
This vulnerability also affects Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 This vulnerability is addressed in the following product releases: Mozilla, Firefox, 1.5 Mozilla, Firefox, 1.… NVD-CWE-Other
CVE-2006-1732 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm
345580 - x.org x11r6 Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XR… NVD-CWE-Other
CVE-2006-1526 2018-10-19 01:33 2006-05-3 Show GitHub Exploit DB Packet Storm