Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217431 6.9 警告 Xen プロジェクト - Xen におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1964 2013-12-6 15:32 2013-04-18 Show GitHub Exploit DB Packet Storm
217432 7.5 危険 MyBB Group - MyBB 用 Ajax forum stat プラグインの ajaxfs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-6936 2013-12-6 15:17 2013-11-20 Show GitHub Exploit DB Packet Storm
217433 4.3 警告 Elecsys Corporation - Linux Kernel ベースの Director Industrial Communication Gateway デバイスの Outstation コンポーネントの DNP3 サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2825 2013-12-6 13:46 2013-12-3 Show GitHub Exploit DB Packet Storm
217434 5.8 警告 サイボウズ - サイボウズ ガルーンにおけるセッション固定の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-6004 2013-12-6 10:52 2013-12-3 Show GitHub Exploit DB Packet Storm
217435 4 警告 サイボウズ - サイボウズ ガルーンにおけるメールヘッダインジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6003 2013-12-6 10:49 2013-12-3 Show GitHub Exploit DB Packet Storm
217436 4.3 警告 サイボウズ - サイボウズ ガルーンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-6002 2013-12-6 10:48 2013-12-3 Show GitHub Exploit DB Packet Storm
217437 6 警告 サイボウズ - サイボウズ ガルーンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-6001 2013-12-6 10:46 2013-12-3 Show GitHub Exploit DB Packet Storm
217438 5 警告 サイボウズ - サイボウズ ガルーンにおける複数のクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6900
CVE-2013-6901
CVE-2013-6902
CVE-2013-6903
CVE-2013-6904
CVE-2013-6905
CVE-2013-6906
CVE-2013-6907
CVE-2013-6908
CVE-2013-6909
CVE-2013-6910
CVE-2013-691… 		2013-12-6 10:41 2013-12-3 Show GitHub Exploit DB Packet Storm
217439 5 警告 たっちゃんのHP - 改造版 TOWN におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-6000 2013-12-6 10:37 2013-11-29 Show GitHub Exploit DB Packet Storm
217440 4.9 警告 Linux - Linux Kernel の net/rose/af_rose.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-3234 2013-12-5 18:02 2013-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
280001 - codeworx_technologies dcp-portal Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 6.1.1 and earlier, with register_globals enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) its_url p… NVD-CWE-Other
CVE-2006-1120 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280002 - cutephp cutenews Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php. NVD-CWE-Other
CVE-2006-1121 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280003 - d2ksoft d2kblog Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NVD-CWE-Other
CVE-2006-1122 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280004 - d2ksoft d2kblog SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie. NVD-CWE-Other
CVE-2006-1123 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280005 - revilloc_solutions revilloc_mailserver Buffer overflow in RevilloC MailServer and Proxy 1.21 allows remote attackers to execute arbitrary code via a long USER command. NVD-CWE-Other
CVE-2006-1124 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280006 - ekinboard ekinboard SQL injection vulnerability in config.php in EKINboard 1.0.3 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username cookie. NVD-CWE-Other
CVE-2006-1129 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280007 - ekinboard ekinboard Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag. NVD-CWE-Other
CVE-2006-1130 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280008 - vbzoom vbzoom SQL injection vulnerability in show.php in vbzoom 1.11 allow remote attackers to execute arbitrary SQL commands via the MainID parameter. NOTE: the SubjectID vector is already covered by CVE-2005-472… NVD-CWE-Other
CVE-2006-1132 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280009 - vbzoom vbzoom Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. NOTE:… NVD-CWE-Other
CVE-2006-1133 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm
280010 - jason_smith cyboards_php_lite SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possib… NVD-CWE-Other
CVE-2006-1134 2018-10-19 01:30 2006-03-10 Show GitHub Exploit DB Packet Storm