Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226481	10	危険	op5	-	op5 Monitor および op5 Appliance の system-portal の license.php における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0261	2014-01-7 14:27	2012-01-20	Show	GitHub Exploit DB Packet Storm

226482	7.5	危険	Synology Inc.	-	Synology DiskStation Manager の FileBrowser コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-6987	2014-01-7 12:07	2013-12-19	Show	GitHub Exploit DB Packet Storm

226483	4.3	警告	Mislav Marohnic	-	Ruby 用 will_paginate gem におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6459	2014-01-7 11:39	2013-09-18	Show	GitHub Exploit DB Packet Storm

226484	4.3	警告	CloudBees	-	CloudBees Jenkins のデフォルトの markup formatter におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5573	2014-01-7 11:20	2013-12-17	Show	GitHub Exploit DB Packet Storm

226485	6.5	警告	Zenphoto	-	Zenphoto の zp-core/zp-extensions/wordpress_import.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-7242	2014-01-7 10:50	2013-10-1	Show	GitHub Exploit DB Packet Storm

226486	4.3	警告	Zenphoto	-	Zenphoto の zp-core/zp-extensions/mergedRSS.php 内の export 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7241	2014-01-7 10:49	2013-10-1	Show	GitHub Exploit DB Packet Storm

226487	6.5	警告	シスコシステムズ	-	Cisco Unified Presence Server の Web インターフェースにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-6983	2014-01-6 18:30	2014-01-3	Show	GitHub Exploit DB Packet Storm

226488	6.8	警告	The JForum Team	-	JForum の Admin モジュールの admBase/login.page におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-7209	2014-01-6 18:29	2013-12-26	Show	GitHub Exploit DB Packet Storm

226489	6.8	警告	WordPress.org	-	WordPress の wp-admin/options-discussion.php の retrospam コンポーネントにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-7233	2014-01-6 18:28	2013-12-17	Show	GitHub Exploit DB Packet Storm

226490	7.5	危険	Esri	-	ESRI ArcGIS for Server における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-7232	2014-01-6 18:27	2013-12-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345751	-	deerfield icewarp merak	visnetic_mail_server web_mail mail_server	Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer before 8.5.0.5 allows remote authenticated u…	NVD-CWE-Other	CVE-2006-0818	2018-10-19 01:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

345752	-	gnome	dwarf_http_server	Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.	NVD-CWE-Other	CVE-2006-0819	2018-10-19 01:29	2006-03-14	Show	GitHub Exploit DB Packet Storm

345753	-	gnome	dwarf_http_server	Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified error messages.	NVD-CWE-Other	CVE-2006-0820	2018-10-19 01:29	2006-03-14	Show	GitHub Exploit DB Packet Storm

345754	-	geeklog	geeklog	Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or…	NVD-CWE-Other	CVE-2006-0823	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm

345755	-	geeklog	geeklog	Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to include arbitrary local files and execute arbitrary code …	NVD-CWE-Other	CVE-2006-0824	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm

345756	-	e-blah	platinum	Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is vi…	NVD-CWE-Other	CVE-2006-0829	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm

345757	-	tasarim_rehberi	tasarim_rehberi	PHP remote file include vulnerability in index.php in Tasarim Rehberi allows remote attackers to execute arbitrary PHP code via a URL in the (1) sayfaadi or (2) sayfa parameter. NOTE: this might be …	NVD-CWE-Other	CVE-2006-0831	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm

345758	-	wpc.easy	wpc.easy	Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameter.	NVD-CWE-Other	CVE-2006-0832	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm

345759	-	uniden	uip1868p	Uniden UIP1868P VoIP Telephone and Router has a default password of admin for the web-based configuration utility, which allows remote attackers to obtain sensitive information on the device such as …	NVD-CWE-Other	CVE-2006-0834	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm

345760	-	mozilla	thunderbird	Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstra…	NVD-CWE-Other	CVE-2006-0836	2018-10-19 01:29	2006-02-22	Show	GitHub Exploit DB Packet Storm