Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232081	5.1	警告	hotscripts	-	CyBoards PHP Lite におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3710	2012-09-25 17:17	2008-08-19	Show	GitHub Exploit DB Packet Storm

232082	4.3	警告	hotscripts	-	CyBoards PHP Lite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3709	2012-09-25 17:17	2008-08-19	Show	GitHub Exploit DB Packet Storm

232083	7.5	危険	hotscripts	-	CyBoards PHP Lite における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-3707	2012-09-25 17:17	2008-08-19	Show	GitHub Exploit DB Packet Storm

232084	9.3	危険	speedbit jcomsoft	-	SpeedBit DAP などの製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-3702	2012-09-25 17:17	2008-08-15	Show	GitHub Exploit DB Packet Storm

232085	6.5	警告	Kayako	-	Kayako SupportSuite の staff/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3701	2012-09-25 17:17	2008-08-15	Show	GitHub Exploit DB Packet Storm

232086	4.3	警告	Kayako	-	Kayako SupportSuite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3700	2012-09-25 17:17	2008-08-15	Show	GitHub Exploit DB Packet Storm

232087	4.3	警告	havp	-	HAVP の sockethandler.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-3688	2012-09-25 17:17	2008-08-14	Show	GitHub Exploit DB Packet Storm

232088	7.5	危険	pars4u	-	Pars4u Videosharing の categories_portal.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3772	2012-09-25 17:17	2008-08-22	Show	GitHub Exploit DB Packet Storm

232089	4.3	警告	pars4u	-	Pars4u Videosharing の members.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3771	2012-09-25 17:17	2008-08-22	Show	GitHub Exploit DB Packet Storm

232090	6.8	警告	openfreeway	-	Freeway におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3770	2012-09-25 17:17	2008-08-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
300321	-	paul_smith_computer_services	vcap	Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.	NVD-CWE-Other	CVE-2006-5034	2017-07-20 10:33	2006-09-28	Show	GitHub Exploit DB Packet Storm

300322	-	fiwin	ss28s_wifi_voip_sip_skype_phone	The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, has a hard-coded username and password, which allows remote attackers to gain administrative access via telnet.	NVD-CWE-Other	CVE-2006-5038	2017-07-20 10:33	2006-09-28	Show	GitHub Exploit DB Packet Storm

300323	-	activision	call_of_duty call_of_duty_2 call_of_duty_united_offensive	Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via…	NVD-CWE-Other	CVE-2006-5058	2017-07-20 10:33	2006-09-28	Show	GitHub Exploit DB Packet Storm

300324	-	stefan_ritt	elog_web_logbook	Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote attackers to inject arbitrary web script or HTML by editing log entries in HTML mode.	NVD-CWE-Other	CVE-2006-5063	2017-07-20 10:33	2006-09-28	Show	GitHub Exploit DB Packet Storm

300325	-	eyeos_project	eyeos	Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/bai…	NVD-CWE-Other	CVE-2006-5071	2017-07-20 10:33	2006-09-28	Show	GitHub Exploit DB Packet Storm

300326	-	eyeos_project	eyeos	This vulnerability is addressed in the following product release: eyeOS Project, eyeOS, 0.9.1	NVD-CWE-Other	CVE-2006-5071	2017-07-20 10:33	2006-09-28	Show	GitHub Exploit DB Packet Storm

300327	-	mono	mono	The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink atta…	NVD-CWE-Other	CVE-2006-5072	2017-07-20 10:33	2006-10-10	Show	GitHub Exploit DB Packet Storm

300328	-	sun	solaris	The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL c…	NVD-CWE-Other	CVE-2006-5075	2017-07-20 10:33	2006-09-29	Show	GitHub Exploit DB Packet Storm

300329	-	six_apart	movable_type	Cross-site scripting (XSS) vulnerability in the search function in Six Apart Movable Type 3.3 to 3.32, and Movable Type Enterprise 1.01 and 1.02, allows remote attackers to inject arbitrary web scrip…	CWE-79 Cross-site Scripting	CVE-2006-5080	2017-07-20 10:33	2006-09-29	Show	GitHub Exploit DB Packet Storm

300330	-	sugarcrm	sugar_suite	Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to code execution, and unspecified attack vectors.	NVD-CWE-noinfo	CVE-2006-5082	2017-07-20 10:33	2006-09-29	Show	GitHub Exploit DB Packet Storm