Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219411	6.8	警告	toenda software development	-	toendaCMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2799	2014-03-11 17:43	2006-06-3	Show	GitHub Exploit DB Packet Storm

219412	6.8	警告	hogstorps	-	Hogstorps hogstorp guestbook におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2772	2014-03-11 17:43	2006-06-2	Show	GitHub Exploit DB Packet Storm

219413	4.3	警告	Chipmunk Scripts	-	Chipmunk guestbook におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2757	2014-03-11 17:43	2006-06-2	Show	GitHub Exploit DB Packet Storm

219414	6.8	警告	easy-content forums	-	Easy-Content Forums におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2696	2014-03-11 17:43	2006-05-31	Show	GitHub Exploit DB Packet Storm

219415	4.9	警告	agtc websolutions	-	PHP-AGTC Membership System におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2687	2014-03-11 17:43	2006-05-31	Show	GitHub Exploit DB Packet Storm

219416	2.1	注意	The PHP Group	-	PHP における制限を回避される脆弱性	-	CVE-2006-2660	2014-03-11 17:43	2006-06-13	Show	GitHub Exploit DB Packet Storm

219417	7.5	危険	Alt-N	-	Alt-N MDaemon におけるバッファオーバーフローの脆弱性	-	CVE-2006-2646	2014-03-11 17:43	2006-05-30	Show	GitHub Exploit DB Packet Storm

219418	3.5	注意	andrew godwin	-	Andrew Godwin ByteHoard におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2632	2014-03-11 17:43	2006-05-30	Show	GitHub Exploit DB Packet Storm

219419	4.3	警告	AlstraSoft	-	AlstraSoft Web Host Directory におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-2618	2014-03-11 17:43	2006-05-26	Show	GitHub Exploit DB Packet Storm

219420	4.3	警告	chatty	-	Chatty におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2606	2014-03-11 17:43	2006-05-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294761	-		siemens	simatic_pcs7 wincc	Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web sc…	CWE-79 Cross-site Scripting	CVE-2012-3031	2024-11-21 10:40	2012-09-18	Show	GitHub Exploit DB Packet Storm

294762	-		siemens	simatic_pcs7 wincc	WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote at…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-3030	2024-11-21 10:40	2012-09-18	Show	GitHub Exploit DB Packet Storm

294763	-		siemens	simatic_pcs7 wincc	Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication …	CWE-352 Origin Validation Error	CVE-2012-3028	2024-11-21 10:40	2012-09-18	Show	GitHub Exploit DB Packet Storm

294764	-		cososys	endpoint_protector_appliace_4	The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2994	2024-11-21 10:40	2012-09-18	Show	GitHub Exploit DB Packet Storm

294765	5.9	MEDIUM Network	microsoft	windows_phone_7_firmware	Microsoft Windows Phone 7 does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL server for the (1) …	CWE-295 Improper Certificate Validation	CVE-2012-2993	2024-11-21 10:40	2012-09-18	Show	GitHub Exploit DB Packet Storm

294766	-		trendmicro	interscan_messaging_security_suite	Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication o…	CWE-352 Origin Validation Error	CVE-2012-2996	2024-11-21 10:40	2012-09-17	Show	GitHub Exploit DB Packet Storm

294767	-		trendmicro	interscan_messaging_security_suite	Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wr…	CWE-79 Cross-site Scripting	CVE-2012-2995	2024-11-21 10:40	2012-09-17	Show	GitHub Exploit DB Packet Storm

294768	-		cisco	unity_connection	Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug …	NVD-CWE-Other	CVE-2012-3096	2024-11-21 10:40	2012-09-16	Show	GitHub Exploit DB Packet Storm

294769	-		cisco	anyconnect_secure_mobility_client	The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, w…	CWE-200 Information Exposure	CVE-2012-3094	2024-11-21 10:40	2012-09-16	Show	GitHub Exploit DB Packet Storm

294770	-		cisco	anyconnect_secure_mobility_client	Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspec…	NVD-CWE-noinfo	CVE-2012-3088	2024-11-21 10:40	2012-09-16	Show	GitHub Exploit DB Packet Storm