Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216551	4.9	警告	WordPress.org	-	WordPress の wp-includes/capabilities.php におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5296	2014-01-22 18:43	2010-09-4	Show	GitHub Exploit DB Packet Storm

216552	4.3	警告	WordPress.org	-	WordPress の wp-admin/plugins.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5295	2014-01-22 18:41	2010-11-14	Show	GitHub Exploit DB Packet Storm

216553	4.3	警告	WordPress.org	-	WordPress の wp-admin/includes/file.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5294	2014-01-22 18:38	2010-11-14	Show	GitHub Exploit DB Packet Storm

216554	5.8	警告	WordPress.org	-	WordPress の wp-includes/comment.php におけるスパム制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5293	2014-01-22 18:35	2010-11-30	Show	GitHub Exploit DB Packet Storm

216555	4.3	警告	シスコシステムズ	-	Cisco Secure Access Control System のポータルにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0668	2014-01-22 16:37	2014-01-21	Show	GitHub Exploit DB Packet Storm

216556	2.6	注意	TYPO3 Association	-	TYPO3 の Extbase Framework の ActionController ベースクラスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7078	2014-01-22 16:32	2013-12-10	Show	GitHub Exploit DB Packet Storm

216557	3.3	注意	libimobiledevice	-	libimobiledevice の userpref.c における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2013-2142	2014-01-22 16:31	2013-08-14	Show	GitHub Exploit DB Packet Storm

216558	2.6	注意	Drupal	-	Drupal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0244	2014-01-22 16:31	2013-01-16	Show	GitHub Exploit DB Packet Storm

216559	2.7	注意	Fabrice Bellard Xen プロジェクト	-	Xen および QEMU の qemu-xen の qdisk PV ディスクバックエンドにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-4375	2014-01-22 16:22	2013-10-10	Show	GitHub Exploit DB Packet Storm

216560	1.9	注意	Linux	-	Linux Kernel の drivers/net/hamradio/yam.c の yam_ioctl 関数における重要な情報を取得される脆弱性	CWE-399 リソース管理の問題	CVE-2014-1446	2014-01-22 16:05	2014-01-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
280671	-	limbo_cms	limbo_cms	SQL injection vulnerability in the weblinks option (weblinks.html.php) in Limbo CMS allows remote attackers to execute arbitrary SQL commands via the catid parameter.	CWE-89 CWE-16 SQL Injection Configuration	CVE-2006-2363	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

280672	-	microsoft	dhcp_client_service	Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP respo…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-2372	2018-10-19 01:39	2006-07-12	Show	GitHub Exploit DB Packet Storm

280673	-	microsoft	windows_98 windows_98se windows_me	Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image wi…	CWE-189 Numeric Errors	CVE-2006-2376	2018-10-19 01:39	2006-06-14	Show	GitHub Exploit DB Packet Storm

280674	-	microsoft	outlook_express	Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file.	NVD-CWE-Other	CVE-2006-2386	2018-10-19 01:39	2006-12-13	Show	GitHub Exploit DB Packet Storm

280675	-	microsoft	outlook_express	If a end user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.	NVD-CWE-Other	CVE-2006-2386	2018-10-19 01:39	2006-12-13	Show	GitHub Exploit DB Packet Storm

280676	-	microsoft	excel excel_viewer	Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuild…	CWE-94 Code Injection	CVE-2006-2388	2018-10-19 01:39	2006-07-14	Show	GitHub Exploit DB Packet Storm

280677	-	emc	retrospect_client	Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.	NVD-CWE-Other	CVE-2006-2391	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

280678	-	emc	retrospect_client	Failed exploit attempts will likely crash the application, denying further service to legitimate users.	NVD-CWE-Other	CVE-2006-2391	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

280679	-	empire_server	empire_server	The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, …	NVD-CWE-Other	CVE-2006-2393	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

280680	-	turnkey_web_tools	php_live_helper	Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.	NVD-CWE-Other	CVE-2006-2394	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm