Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219541 4.3 警告 e107.org - e107 の Chatbox Plugin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-0857 2014-03-11 17:43 2006-02-23 Show GitHub Exploit DB Packet Storm
219542 6.5 警告 truenorth software - TrueNorth Internet Anywhere eMailserver の IMAP サービスにおけるバッファオーバーフローの脆弱性 - CVE-2006-0853 2014-03-11 17:43 2006-02-23 Show GitHub Exploit DB Packet Storm
219543 4.3 警告 calacode - Calacode @Mail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-0842 2014-03-11 17:43 2006-02-22 Show GitHub Exploit DB Packet Storm
219544 10 危険 京セラ株式会社 - Kyocera プリンタにおける管理メニューにアクセスされる脆弱性 - CVE-2006-0789 2014-03-11 17:43 2006-02-19 Show GitHub Exploit DB Packet Storm
219545 2.6 注意 mybulletinboard - MyBulletinBoard の calendar.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0770 2014-03-11 17:43 2006-02-18 Show GitHub Exploit DB Packet Storm
219546 5 警告 CGIWrap - CGIWrap における重要な情報を取得される脆弱性 - CVE-2006-0767 2014-03-11 17:43 2006-02-18 Show GitHub Exploit DB Packet Storm
219547 5.1 警告 BlackBerry - 複数ベンダの製品用 Motion BlackBerry Enterprise Server におけるバッファオーバーフローの脆弱性 - CVE-2006-0761 2014-03-11 17:43 2006-02-18 Show GitHub Exploit DB Packet Storm
219548 4.3 警告 fuzzymonkey
m blom		 - My Blog などの製品で使用される M. Blom HTML::BBCode におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0735 2014-03-11 17:43 2006-02-16 Show GitHub Exploit DB Packet Storm
219549 7.5 危険 virtual hosting control system - Virtual Hosting Control System における許可されていないアクセス権を取得される脆弱性 - CVE-2006-0684 2014-03-11 17:43 2006-02-15 Show GitHub Exploit DB Packet Storm
219550 7.8 危険 sony ericsson - 複数の Sony Ericsson 製品におけるバッファオーバーフローの脆弱性 - CVE-2006-0671 2014-03-11 17:43 2006-02-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292831 - carlosgavazzi eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system 		Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password … CWE-255
Credentials Management 		CVE-2012-6428 2024-11-21 10:46 2012-12-24 Show GitHub Exploit DB Packet Storm
292832 - carlosgavazzi eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system 		Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issu… CWE-89
SQL Injection 		CVE-2012-6427 2024-11-21 10:46 2012-12-24 Show GitHub Exploit DB Packet Storm
292833 - vmware vcenter_server_appliance VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors. CWE-200
Information Exposure 		CVE-2012-6325 2024-11-21 10:46 2012-12-22 Show GitHub Exploit DB Packet Storm
292834 - vmware vcenter_server_appliance Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vector… CWE-22
Path Traversal 		CVE-2012-6324 2024-11-21 10:46 2012-12-22 Show GitHub Exploit DB Packet Storm
292835 - samsung
meizu 		galaxy_note_2
mx
galaxy_s2 		The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which al… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6422 2024-11-21 10:46 2012-12-18 Show GitHub Exploit DB Packet Storm
292836 - xen xen Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input. CWE-399
 Resource Management Errors 		CVE-2012-6333 2024-11-21 10:46 2012-12-13 Show GitHub Exploit DB Packet Storm
292837 - simple_gmail_login 1.1.2
1.1.3 		simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure o… CWE-200
Information Exposure 		CVE-2012-6313 2024-11-21 10:46 2012-12-11 Show GitHub Exploit DB Packet Storm
292838 - video-lead-form uk-cookie Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form actio… CWE-79
Cross-site Scripting 		CVE-2012-6312 2024-11-21 10:46 2012-12-11 Show GitHub Exploit DB Packet Storm
292839 6.1 MEDIUM
Network 		arc2_project arc2 ARC (aka ARC2) through 2011-12-01 allows reflected XSS via the end_point.php query parameter in an output=htmltab action. CWE-79
Cross-site Scripting 		CVE-2012-5873 2024-11-21 10:45 2023-04-26 Show GitHub Exploit DB Packet Storm
292840 9.8 CRITICAL
Network 		arc2_project arc2 ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause. CWE-89
SQL Injection 		CVE-2012-5872 2024-11-21 10:45 2023-04-26 Show GitHub Exploit DB Packet Storm