Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217621 2.6 注意 New Atlanta Communications, LLC. - Windows 用 BlueDragon Server および Server JX におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-2311 2014-03-11 17:43 2006-06-26 Show GitHub Exploit DB Packet Storm
217622 6.4 警告 mirabilis - ICQ Client におけるクロスアプリケーションスクリプティングの脆弱性 - CVE-2006-2303 2014-03-11 17:43 2006-05-11 Show GitHub Exploit DB Packet Storm
217623 5.8 警告 inhouse associates - IA-Calendar におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-2291 2014-03-11 17:43 2006-05-10 Show GitHub Exploit DB Packet Storm
217624 2.1 注意 Avahi - Avahi におけるバッファオーバーフローの脆弱性 - CVE-2006-2289 2014-03-11 17:43 2006-05-10 Show GitHub Exploit DB Packet Storm
217625 5 警告 intervations - FileCOPA におけるバッファオーバーフローの脆弱性 - CVE-2006-2254 2014-03-11 17:43 2006-05-9 Show GitHub Exploit DB Packet Storm
217626 7.6 危険 id software - Quake 3 Engine および Quake III Arena におけるバッファオーバーフローの脆弱性 - CVE-2006-2236 2014-03-11 17:43 2006-05-8 Show GitHub Exploit DB Packet Storm
217627 7.6 危険 codemunkyx - CodeMunkyX Simple Poll における管理者権限を取得される脆弱性 - CVE-2006-2235 2014-03-11 17:43 2006-05-5 Show GitHub Exploit DB Packet Storm
217628 7.5 危険 banktown - BankTown Client Control におけるバッファオーバーフローの脆弱性 - CVE-2006-2233 2014-03-11 17:43 2006-05-5 Show GitHub Exploit DB Packet Storm
217629 5 警告 dxmsoft - XM Easy Personal FTP Server におけるバッファオーバーフローの脆弱性 - CVE-2006-2226 2014-03-11 17:43 2006-05-5 Show GitHub Exploit DB Packet Storm
217630 7.5 危険 dxmsoft - XM Easy Personal FTP Server におけるバッファオーバーフローの脆弱性 - CVE-2006-2225 2014-03-11 17:43 2006-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292151 - moodle moodle Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrict… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3387 2024-11-21 10:40 2012-07-24 Show GitHub Exploit DB Packet Storm
292152 - symantec web_gateway The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2977 2024-11-21 10:40 2012-07-24 Show GitHub Exploit DB Packet Storm
292153 - symantec web_gateway The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" is… CWE-78
OS Command  		CVE-2012-2976 2024-11-21 10:40 2012-07-24 Show GitHub Exploit DB Packet Storm
292154 - symantec web_gateway SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2012-2961 2024-11-21 10:40 2012-07-24 Show GitHub Exploit DB Packet Storm
292155 - symantec web_gateway The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2957 2024-11-21 10:40 2012-07-24 Show GitHub Exploit DB Packet Storm
292156 - symantec web_gateway The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts. CWE-78
OS Command  		CVE-2012-2953 2024-11-21 10:40 2012-07-24 Show GitHub Exploit DB Packet Storm
292157 - wordpress wordpress WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vecto… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3385 2024-11-21 10:40 2012-07-23 Show GitHub Exploit DB Packet Storm
292158 - wordpress wordpress Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. CWE-352
 Origin Validation Error 		CVE-2012-3384 2024-11-21 10:40 2012-07-23 Show GitHub Exploit DB Packet Storm
292159 - wordpress wordpress The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3383 2024-11-21 10:40 2012-07-23 Show GitHub Exploit DB Packet Storm
292160 - openstack essex
folsom
diablo 		virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an i… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3361 2024-11-21 10:40 2012-07-23 Show GitHub Exploit DB Packet Storm