Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219071 6.8 警告 IndiaNIC - WordPress 用 IndiaNIC Testimonial プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-5672 2013-09-12 14:31 2013-09-1 Show GitHub Exploit DB Packet Storm
219072 4.3 警告 ImageMagick - ImageMagick の coders/gif.c 内の ReadGIFImage 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-4298 2013-09-12 14:29 2013-08-5 Show GitHub Exploit DB Packet Storm
219073 5 警告 Fedora Project - 389 Directory Server の ns-slapd におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4283 2013-09-12 14:16 2013-08-28 Show GitHub Exploit DB Packet Storm
219074 6.9 警告 GNOME Project - GNOME Display Manager における任意のディレクトリのパーミッションを変更される脆弱性 CWE-59
リンク解釈の問題 		CVE-2013-4169 2013-09-12 13:42 2013-09-5 Show GitHub Exploit DB Packet Storm
219075 3.5 注意 AlienWP - Drupal 用 Hatch テーマにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4138 2013-09-11 16:42 2013-07-10 Show GitHub Exploit DB Packet Storm
219076 7.2 危険 ソフォス - Sophos Web Appliance の /opt/cma/bin/clear_keys.pl の close_connections 関数における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4984 2013-09-11 14:45 2013-09-9 Show GitHub Exploit DB Packet Storm
219077 7.5 危険 VMware - VMware ESX および ESXi におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3657 2013-09-11 14:02 2013-09-6 Show GitHub Exploit DB Packet Storm
219078 6.4 警告 VMware - VMware ESX および ESXi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-3658 2013-09-11 13:54 2013-09-6 Show GitHub Exploit DB Packet Storm
219079 4.3 警告 VideoWhisper.com - WordPress 用 VideoWhisper Live Streaming Integration プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5714 2013-09-11 13:51 2013-08-23 Show GitHub Exploit DB Packet Storm
219080 5 警告 Digium - 複数の Asterisk 製品の SIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5642 2013-09-11 13:50 2013-08-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
278971 - xfairguy codeavalanche_freeforum SQL injection vulnerability in admin/default.asp in Dusan Drobac CodeAvalanche FreeForum (aka CAForum) 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. NVD-CWE-Other
CVE-2006-2822 2018-10-19 01:43 2006-06-6 Show GitHub Exploit DB Packet Storm
278972 - a.shopkart a.shopkart Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct … NVD-CWE-Other
CVE-2006-2823 2018-10-19 01:43 2006-06-6 Show GitHub Exploit DB Packet Storm
278973 - drupal drupal Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute ar… NVD-CWE-Other
CVE-2006-2831 2018-10-19 01:43 2006-06-6 Show GitHub Exploit DB Packet Storm
278974 - drupal drupal Cross-site scripting (XSS) vulnerability in the upload module (upload.module) in Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via th… NVD-CWE-Other
CVE-2006-2832 2018-10-19 01:43 2006-06-6 Show GitHub Exploit DB Packet Storm
278975 - drupal drupal Cross-site scripting (XSS) vulnerability in the taxonomy module in Drupal 4.6.8 and 4.7.2 allows remote attackers to inject arbitrary web script or HTML via inputs that are not properly validated whe… NVD-CWE-Other
CVE-2006-2833 2018-10-19 01:43 2006-06-6 Show GitHub Exploit DB Packet Storm
278976 - php-nuke ev Global variable overwrite vulnerability in PHP-Nuke allows remote attackers to conduct remote PHP file inclusion attacks via a modified phpbb_root_path parameter to the admin scripts (1) index.php, (… NVD-CWE-Other
CVE-2006-2828 2018-10-19 01:43 2006-06-6 Show GitHub Exploit DB Packet Storm
278977 - arabless saphplesson SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php. NVD-CWE-Other
CVE-2006-2835 2018-10-19 01:43 2006-06-7 Show GitHub Exploit DB Packet Storm
278978 - redaxo redaxo PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the (1) REX[INCLUDE_PATH] parameter in (a) addons/import_export/pages/index.… NVD-CWE-Other
CVE-2006-2843 2018-10-19 01:43 2006-06-7 Show GitHub Exploit DB Packet Storm
278979 - redaxo redaxo Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.p… NVD-CWE-Other
CVE-2006-2844 2018-10-19 01:43 2006-06-7 Show GitHub Exploit DB Packet Storm
278980 - redaxo redaxo PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to image_resize/pages/index.inc.php. NVD-CWE-Other
CVE-2006-2845 2018-10-19 01:43 2006-06-7 Show GitHub Exploit DB Packet Storm