Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227801 6.8 警告 scott weedon - Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3971 2012-12-20 18:02 2006-08-2 Show GitHub Exploit DB Packet Storm
227802 5 警告 サン・マイクロシステムズ - Sun Solaris 10 3/05 HW2 の暗号化プロバイダにおけるアプリケーションがデータ変更を検出しない脆弱性 - CVE-2006-3968 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
227803 7.5 危険 x-scripts - X-Scripts X-Poll の top.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-3960 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
227804 7.5 危険 x-scripts - X-Scripts X-Protection の protect.php における SQL インジェクションの脆弱性 - CVE-2006-3959 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
227805 4.3 警告 pkr internet - Taskjitsu におけるクロスサイトスクリプティングの脆弱性 CWE-noinfo
情報不足 		CVE-2006-3958 2012-12-20 18:02 2006-07-6 Show GitHub Exploit DB Packet Storm
227806 4.3 警告 total online solutions - AWBS の contact.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3956 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
227807 7.5 危険 x-scripts - X-Scripts X-Statistics の x-statistics.php における SQL インジェクションの脆弱性 - CVE-2006-3950 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
227808 4.3 警告 PHPNUKE - PHP-Nuke INP の modules.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3948 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
227809 5 警告 Opera Software ASA - Windows 上で稼動する Opera の CSS 機能におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-3945 2012-12-20 18:02 2006-07-31 Show GitHub Exploit DB Packet Storm
227810 5 警告 マイクロソフト - Windows 上で稼動する Microsoft Internet Explorer 6 におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-3944 2012-12-20 18:02 2006-07-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248551 - - - Password Pusher is an open source application to communicate sensitive information over the web. A cross-site scripting (XSS) vulnerability was identified in the PasswordPusher application, affecting… CWE-79
Cross-site Scripting 		CVE-2024-51989 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
248552 - - - The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code is only running for paths that call wp_handle_upload, but not for example for code that uses wp_handle_sideload which is often use… - CVE-2024-8378 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
248553 - - - There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim. The root cause of the vulnerability lies in the fact that when a Payload Transfer frame… - CVE-2024-10668 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
248554 - - - The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack… - CVE-2024-9926 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
248555 - - - A flaw was found in moodle. A local file may include risks when restoring block backups. - CVE-2024-43440 2024-11-9 04:01 2024-11-7 Show GitHub Exploit DB Packet Storm
248556 - - - A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report. - CVE-2024-43438 2024-11-9 04:01 2024-11-7 Show GitHub Exploit DB Packet Storm
248557 - - - A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. - CVE-2024-43436 2024-11-9 04:01 2024-11-7 Show GitHub Exploit DB Packet Storm
248558 - - - The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability. - CVE-2024-43434 2024-11-9 04:01 2024-11-7 Show GitHub Exploit DB Packet Storm
248559 - - - A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access. - CVE-2024-43431 2024-11-9 04:01 2024-11-7 Show GitHub Exploit DB Packet Storm
248560 - - - To address a cache poisoning risk in Moodle, additional validation for local storage was required. - CVE-2024-43428 2024-11-9 04:01 2024-11-7 Show GitHub Exploit DB Packet Storm