Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218141 5.5 警告 Mozilla Foundation - Bugzilla における SQL エラーを誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2006-0914 2014-03-11 17:43 2006-02-28 Show GitHub Exploit DB Packet Storm
218142 4.3 警告 brown bear software - Calcium におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0889 2014-03-11 17:43 2006-02-25 Show GitHub Exploit DB Packet Storm
218143 5 警告 south river technologies - South River WebDrive の特定のバージョンにおけるバッファオーバーフローの脆弱性 - CVE-2006-0867 2014-03-11 17:43 2006-02-23 Show GitHub Exploit DB Packet Storm
218144 4.3 警告 e107.org - e107 の Chatbox Plugin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-0857 2014-03-11 17:43 2006-02-23 Show GitHub Exploit DB Packet Storm
218145 6.5 警告 truenorth software - TrueNorth Internet Anywhere eMailserver の IMAP サービスにおけるバッファオーバーフローの脆弱性 - CVE-2006-0853 2014-03-11 17:43 2006-02-23 Show GitHub Exploit DB Packet Storm
218146 4.3 警告 calacode - Calacode @Mail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-0842 2014-03-11 17:43 2006-02-22 Show GitHub Exploit DB Packet Storm
218147 10 危険 京セラ株式会社 - Kyocera プリンタにおける管理メニューにアクセスされる脆弱性 - CVE-2006-0789 2014-03-11 17:43 2006-02-19 Show GitHub Exploit DB Packet Storm
218148 2.6 注意 mybulletinboard - MyBulletinBoard の calendar.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0770 2014-03-11 17:43 2006-02-18 Show GitHub Exploit DB Packet Storm
218149 5 警告 CGIWrap - CGIWrap における重要な情報を取得される脆弱性 - CVE-2006-0767 2014-03-11 17:43 2006-02-18 Show GitHub Exploit DB Packet Storm
218150 5.1 警告 BlackBerry - 複数ベンダの製品用 Motion BlackBerry Enterprise Server におけるバッファオーバーフローの脆弱性 - CVE-2006-0761 2014-03-11 17:43 2006-02-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294241 - mg12 wp-recentcomments Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML … CWE-79
Cross-site Scripting 		CVE-2012-1068 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
294242 - mg12 wp-recentcomments SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. N… CWE-89
SQL Injection 		CVE-2012-1067 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
294243 - smartycms smartycms Cross-site scripting (XSS) vulnerability in the template module in SmartyCMS 0.9.4 allows remote attackers to inject arbitrary web script or HTML via the title bar. CWE-79
Cross-site Scripting 		CVE-2012-1066 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
294244 - 2x applicationserver Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X ApplicationServer 10.1 Build 1224 allows remote attackers to create or overwrite arbitrary files via the Expor… NVD-CWE-Other
CVE-2012-1065 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
294245 - netsarang xmanager_enterprise
xlpd 		NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request. NVD-CWE-noinfo
CVE-2012-1009 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
294246 - manageengine applications_manager Multiple SQL injection vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to execute arbitrary SQL commands via the (1) viewId parameter to fault/AlarmView.do or… CWE-89
SQL Injection 		CVE-2012-1063 2024-11-21 10:36 2012-02-14 Show GitHub Exploit DB Packet Storm
294247 - manageengine applications_manager Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to inject arbitrary web script or HTML via the (1) period parameter to sho… CWE-79
Cross-site Scripting 		CVE-2012-1062 2024-11-21 10:36 2012-02-14 Show GitHub Exploit DB Packet Storm
294248 - gforgegroup gforge SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2012-1061 2024-11-21 10:36 2012-02-14 Show GitHub Exploit DB Packet Storm
294249 - rik_de_boer revisioning Multiple cross-site scripting (XSS) vulnerabilities in revisioning_theme.inc in the Taxonomy module in the Revisioning module 6.x-3.13 and other versions before 6.x-3.14 for Drupal allow remote authe… CWE-79
Cross-site Scripting 		CVE-2012-1060 2024-11-21 10:36 2012-02-14 Show GitHub Exploit DB Packet Storm
294250 - oscommerce online_merchant Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Cart/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote attackers to inject arbitrary web script or … CWE-79
Cross-site Scripting 		CVE-2012-1059 2024-11-21 10:36 2012-02-14 Show GitHub Exploit DB Packet Storm