Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
212331 5 警告 日立
オラクル
- Oracle Java SE および Java SE Embedded における 2D に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4840 2015-11-5 17:07 2015-10-20 Show GitHub Exploit DB Packet Storm
212332 10 危険 サン・マイクロシステムズ
日立
オラクル
- Oracle Java SE および Java SE Embedded における CORBA に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4835 2015-11-5 17:07 2015-10-20 Show GitHub Exploit DB Packet Storm
212333 6.4 警告 サン・マイクロシステムズ
日立
オラクル
- Oracle Java SE および Java SE Embedded における Libraries に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4806 2015-11-5 17:07 2015-10-20 Show GitHub Exploit DB Packet Storm
212334 10 危険 サン・マイクロシステムズ
日立
オラクル
- Oracle Java SE および Java SE Embedded における Serialization に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4805 2015-11-5 17:07 2015-10-20 Show GitHub Exploit DB Packet Storm
212335 5 警告 サン・マイクロシステムズ
日立
オラクル
- Oracle Java SE および Java SE Embedded における JGSS に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4734 2015-11-5 17:07 2015-10-20 Show GitHub Exploit DB Packet Storm
212336 7.6 危険 日立
オラクル
- 複数の Oracle Java 製品 における Security に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4748 2015-11-5 17:03 2015-07-14 Show GitHub Exploit DB Packet Storm
212337 4.3 警告 日立
オラクル
- 複数の Oracle Java 製品 における JNDI に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-4749 2015-11-5 17:03 2015-07-14 Show GitHub Exploit DB Packet Storm
212338 2.6 注意 日立
オラクル
- 複数の Oracle Java 製品 における JSSE に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-2625 2015-11-5 17:03 2015-07-14 Show GitHub Exploit DB Packet Storm
212339 5 警告 日立
オラクル
- Oracle Java SE および Java SE Embedded における JMX に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-2621 2015-11-5 17:03 2015-07-14 Show GitHub Exploit DB Packet Storm
212340 5 警告 日立
オラクル
- 複数の Oracle Java 製品における 2D に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-2619 2015-11-5 17:03 2015-07-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346131 - jetbox jetbox_cms Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php. NVD-CWE-Other
CVE-2006-4739 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346132 - jetbox jetbox_cms Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message. NVD-CWE-Other
CVE-2006-4740 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346133 - idevspot phplinkexchange PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter. NVD-CWE-Other
CVE-2006-4741 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346134 - idevspot phplinkexchange Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NVD-CWE-Other
CVE-2006-4742 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346135 - wordpress wordpress WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6)… NVD-CWE-Other
CVE-2006-4743 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346136 - abidia abidia_wireless
o-anywhere
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing. NVD-CWE-Other
CVE-2006-4744 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346137 - scarybear pocketexpense_pro ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file… NVD-CWE-Other
CVE-2006-4745 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346138 - comscripts web_server_creator PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. NVD-CWE-Other
CVE-2006-4746 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346139 - idevspot textads Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error paramete… NVD-CWE-Other
CVE-2006-4747 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346140 - f-art_agency blog_cms Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin… NVD-CWE-Other
CVE-2006-4748 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm