Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231051 7.5 危険 tutti nova - Tutti Nova における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4277 2012-12-20 18:02 2006-08-21 Show GitHub Exploit DB Packet Storm
231052 7.5 危険 tutti nova - Tutti Nova における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4276 2012-12-20 18:02 2006-08-21 Show GitHub Exploit DB Packet Storm
231053 3.6 注意 シマンテック - Symantec Norton Personal Firewall におけるトロイの木馬ライプラリを追加される脆弱性 - CVE-2006-4266 2012-12-20 18:02 2006-08-21 Show GitHub Exploit DB Packet Storm
231054 7.5 危険 product scroller module - Mambo および Joomla! 用の mambo-phpshop における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4263 2012-12-20 18:02 2006-08-21 Show GitHub Exploit DB Packet Storm
231055 5 警告 PowerDNS - PowerDNS Recursor におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4252 2012-12-20 18:02 2006-11-13 Show GitHub Exploit DB Packet Storm
231056 7.5 危険 PowerDNS - PowerDNS Recursor におけるバッファオーバーフローの脆弱性 - CVE-2006-4251 2012-12-20 18:02 2006-11-13 Show GitHub Exploit DB Packet Storm
231057 4.3 警告 Plone Foundation - Plone の PlonePAS における "グループを偽装される" 脆弱性 - CVE-2006-4249 2012-12-20 18:02 2006-11-2 Show GitHub Exploit DB Packet Storm
231058 6.4 警告 Plone Foundation - Plone の Password Reset Tool における他のユーザのパスワードをリセットされる脆弱性 - CVE-2006-4247 2012-12-20 18:02 2006-09-29 Show GitHub Exploit DB Packet Storm
231059 7.5 危険 sql-ledger - SQL-Ledger におけるログイン済みユーザとしてアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2006-4244 2012-12-20 18:02 2006-08-30 Show GitHub Exploit DB Packet Storm
231060 7.5 危険 wtcom - WTcom の torrents.php における SQL インジェクションの脆弱性 - CVE-2006-4238 2012-12-20 18:02 2006-08-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292461 - siemens sipass_integrated AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data t… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-5409 2024-11-21 10:44 2012-11-1 Show GitHub Exploit DB Packet Storm
292462 - videolan vlc_media_player libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-5470 2024-11-21 10:44 2012-10-26 Show GitHub Exploit DB Packet Storm
292463 - phpmyadmin phpmyadmin phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XS… CWE-79
Cross-site Scripting 		CVE-2012-5368 2024-11-21 10:44 2012-10-25 Show GitHub Exploit DB Packet Storm
292464 - phpmyadmin phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a … CWE-79
Cross-site Scripting 		CVE-2012-5339 2024-11-21 10:44 2012-10-25 Show GitHub Exploit DB Packet Storm
292465 - zoner zoner_antivirus_free The Zoner AntiVirus Free application for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-t… CWE-310
Cryptographic Issues 		CVE-2012-5456 2024-11-21 10:44 2012-10-25 Show GitHub Exploit DB Packet Storm
292466 - videousermanuals white-label-cms Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the … CWE-79
Cross-site Scripting 		CVE-2012-5388 2024-11-21 10:44 2012-10-25 Show GitHub Exploit DB Packet Storm
292467 - videousermanuals white-label-cms Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin before 1.5.1 for WordPress allows remote attackers to hijack the authentication of administrators for… CWE-352
 Origin Validation Error 		CVE-2012-5387 2024-11-21 10:44 2012-10-25 Show GitHub Exploit DB Packet Storm
292468 - tibco formvine The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vect… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5302 2024-11-21 10:44 2012-10-25 Show GitHub Exploit DB Packet Storm
292469 - adobe shockwave_player Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-5273 2024-11-21 10:44 2012-10-24 Show GitHub Exploit DB Packet Storm
292470 - joomla joomla\! Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a … CWE-79
Cross-site Scripting 		CVE-2012-5455 2024-11-21 10:44 2012-10-23 Show GitHub Exploit DB Packet Storm