Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231001	7.5	危険	php-update	-	PHP-Update の code/guestadd.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-6880	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231002	6	警告	php-update	-	PHP-Update の admin/uploads.php における任意のコードをアップロードおよび実行される脆弱性	-	CVE-2006-6879	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231003	7.5	危険	php-update	-	PHP-Update の admin/uploads.php における権限を取得される脆弱性	-	CVE-2006-6878	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231004	6.8	警告	Zen Cart	-	Zen Cart Web Shopping Cart におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6868	2012-12-20 18:02	2006-12-30	Show	GitHub Exploit DB Packet Storm

231005	7.5	危険	vladimir meshakov	-	Vladimir Menshakov buratinable templator における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6867	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231006	7.8	危険	stphp	-	STphp EasyNews におけるユーザ名などを取得される脆弱性	-	CVE-2006-6866	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231007	7.8	危険	softartisans	-	SAFileUp の SAFileUpSamples/util/viewsrc.asp におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6865	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231008	10	危険	website designs for less	-	Website Designs For Less Click N' Print Coupons の coupon_detail.asp における SQL インジェクションの脆弱性	-	CVE-2006-6859	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231009	7.5	危険	webtext	-	WebText CMS における wt/users/ 配下のスクリプトへ任意の PHP コードを挿入される脆弱性	-	CVE-2006-6856	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

231010	7.5	危険	shadowed works	-	Shadowed Portal の include.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6850	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292191	-	ibm	lotus_domino	Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators.	CWE-352 Origin Validation Error	CVE-2013-0489	2024-11-21 10:47	2013-03-27	Show	GitHub Exploit DB Packet Storm

292192	-	ibm	lotus_domino	Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-0488	2024-11-21 10:47	2013-03-27	Show	GitHub Exploit DB Packet Storm

292193	-	ibm	lotus_domino	The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.	CWE-287 Improper Authentication	CVE-2013-0487	2024-11-21 10:47	2013-03-27	Show	GitHub Exploit DB Packet Storm

292194	-	ibm	lotus_domino	Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.	CWE-399 Resource Management Errors	CVE-2013-0486	2024-11-21 10:47	2013-03-27	Show	GitHub Exploit DB Packet Storm

292195	-	ibm	lotus_inotes	Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX.	CWE-79 Cross-site Scripting	CVE-2013-0525	2024-11-21 10:47	2013-03-27	Show	GitHub Exploit DB Packet Storm

292196	-	canonical samba ibm	ubuntu_linux samba storwize	The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS sh…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0454	2024-11-21 10:47	2013-03-27	Show	GitHub Exploit DB Packet Storm

292197	-	openstack canonical	essex folsom grizzly ubuntu_linux	OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM t…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0335	2024-11-21 10:47	2013-03-23	Show	GitHub Exploit DB Packet Storm

292198	-	ibm	tivoli_endpoint_manager	Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before 8.2.1372 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.	CWE-79 Cross-site Scripting	CVE-2013-0453	2024-11-21 10:47	2013-03-22	Show	GitHub Exploit DB Packet Storm

292199	-	fedoraproject	sssd	The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which al…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0287	2024-11-21 10:47	2013-03-22	Show	GitHub Exploit DB Packet Storm

292200	-	siemens	simatic_pcs7 wincc	Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files v…	CWE-22 Path Traversal	CVE-2013-0679	2024-11-21 10:47	2013-03-22	Show	GitHub Exploit DB Packet Storm