Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217701 7.2 危険 VMware - Linux 上で稼働する VMware Workstation および VMware Player におけるホスト OS の権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5972 2013-11-20 17:14 2013-11-14 Show GitHub Exploit DB Packet Storm
217702 5.8 警告 Google - Google Chrome におけるサンドボックスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-6802 2013-11-20 16:56 2013-11-14 Show GitHub Exploit DB Packet Storm
217703 4.3 警告 Percipient Studios - Umbraco CMS 用 Percipient Studios ImageGen の imagegen.ashx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0741 2013-11-20 16:46 2013-10-31 Show GitHub Exploit DB Packet Storm
217704 3.5 注意 D-Link Systems, Inc. - D-Link DSL-2760U ゲートウェイにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5223 2013-11-20 15:18 2013-11-12 Show GitHub Exploit DB Packet Storm
217705 7.6 危険 D-Link Systems, Inc. - D-Link DSL-2740B ゲートウェイのファームウェアにおける認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2271 2013-11-20 15:18 2013-11-14 Show GitHub Exploit DB Packet Storm
217706 6.8 警告 Sunil Nanda - WordPress 用 Blue Wrench Video Widget プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-6797 2013-11-20 15:01 2013-10-23 Show GitHub Exploit DB Packet Storm
217707 4.3 警告 Softaculous - Softaculous Webuzo の File Manager モジュールの filemanager/login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6042 2013-11-20 14:34 2013-10-3 Show GitHub Exploit DB Packet Storm
217708 4.3 警告 Beanbag - Review Board におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4519 2013-11-20 14:21 2013-11-5 Show GitHub Exploit DB Packet Storm
217709 5.7 警告 Xen プロジェクト - Xen におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4551 2013-11-20 14:09 2013-11-8 Show GitHub Exploit DB Packet Storm
217710 6.8 警告 BlackBerry - Windows または Mac OS X 上で稼働する BlackBerry Link における任意のファイルを読まれる脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-3694 2013-11-20 13:39 2013-11-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
279371 - hummingbird enterprise_collaboration Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified doc_ext and id parameters, which… NVD-CWE-Other
CVE-2006-0173 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279372 - hummingbird collaboration
enterprise_collaboration 		Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to obtain sensitive information (intranet IP addresses and enumerations of valid paramete… NVD-CWE-Other
CVE-2006-0174 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279373 - webwiz web_wiz_forums Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz Forums 6.34 allows remote attackers to inject arbitrary web script or HTML via the search parameter. CWE-79
Cross-site Scripting 		CVE-2006-0175 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279374 - xmame xmame Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -… NVD-CWE-Other
CVE-2006-0176 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279375 - calogic calogic_calendars Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the "Adding New Event" page, and possibly oth… NVD-CWE-Other
CVE-2006-0180 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279376 - acal calendar_project login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside". NVD-CWE-Other
CVE-2006-0182 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279377 - acal calendar_project Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via (1) the edit=header value, which modifies header.php… NVD-CWE-Other
CVE-2006-0183 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279378 - microsoft visual_studio_.net By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary… NVD-CWE-Other
CVE-2006-0187 2018-10-20 00:43 2006-01-12 Show GitHub Exploit DB Packet Storm
279379 - estara softphone Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060. NVD-CWE-Other
CVE-2006-0189 2018-10-20 00:43 2006-01-13 Show GitHub Exploit DB Packet Storm
279380 - estara softphone This is the vendor provided solution: "eStara has released Softphone version 3.0.1.47 to resolve the buffer overflow demonstrated in parsing SDP with long "a=" lines. Licensed customers can downl… NVD-CWE-Other
CVE-2006-0189 2018-10-20 00:43 2006-01-13 Show GitHub Exploit DB Packet Storm