Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232111 7.5 危険 sh-news - SH-News における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5282 2012-12-20 18:02 2006-10-13 Show GitHub Exploit DB Packet Storm
232112 7.5 危険 phpmyagenda - phpMyAgenda の templates/header.php3 におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5263 2012-12-20 18:02 2006-10-12 Show GitHub Exploit DB Packet Storm
232113 7.5 危険 phpmynews - PHPMyNews における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5261 2012-12-20 18:02 2006-10-12 Show GitHub Exploit DB Packet Storm
232114 5.1 警告 webmedia explorer - Webmedia Explorer の includes/core.lib.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5252 2012-12-20 18:02 2006-10-12 Show GitHub Exploit DB Packet Storm
232115 7.5 危険 tagit - tagit2b の tagmin/delTagUser.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5249 2012-12-20 18:02 2006-10-11 Show GitHub Exploit DB Packet Storm
232116 7.8 危険 Polycom - Polycom SoundPoint IP 301 VoIP Desktop Phone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5233 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
232117 7.5 危険 rob hensley - Rob Hensley ackerTodo の Google Gadget login.php における SQL インジェクションの脆弱性 - CVE-2006-5228 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
232118 6.8 警告 TorrentFlux - TorrentFlux の admin.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5227 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
232119 7.5 危険 sergey lyubka - Sergey Lyubka Simple HTTPD におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-5216 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
232120 5 警告 トレンドマイクロ - SMB および OSCE 用の CSM Suite におけるファイルを削除される脆弱性 - CVE-2006-5212 2012-12-20 18:02 2006-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291911 - ubuntu metal_as_a_service Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/. CWE-79
Cross-site Scripting 		CVE-2013-1070 2024-11-21 10:48 2014-02-18 Show GitHub Exploit DB Packet Storm
291912 - ubuntu metal_as_a_service Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1069 2024-11-21 10:48 2014-02-18 Show GitHub Exploit DB Packet Storm
291913 - novell identity_manager_roles_based_provisioning_module Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script… CWE-79
Cross-site Scripting 		CVE-2013-1096 2024-11-21 10:48 2013-12-28 Show GitHub Exploit DB Packet Storm
291914 - ffmpeg ffmpeg The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an… CWE-189
Numeric Errors 		CVE-2013-0859 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm
291915 - debian
ffmpeg 		debian_linux
ffmpeg 		The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer tha… NVD-CWE-noinfo
CVE-2013-0858 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm
291916 - ffmpeg ffmpeg The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data. CWE-20
 Improper Input Validation  		CVE-2013-0857 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm
291917 - ffmpeg ffmpeg The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_s… CWE-20
 Improper Input Validation  		CVE-2013-0856 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm
291918 - ffmpeg ffmpeg Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Los… CWE-189
Numeric Errors 		CVE-2013-0855 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm
291919 - ffmpeg ffmpeg The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data. CWE-20
 Improper Input Validation  		CVE-2013-0854 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm
291920 - ffmpeg ffmpeg The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted WavPack data, which triggers an out-of-bounds array ac… CWE-189
Numeric Errors 		CVE-2013-0853 2024-11-21 10:48 2013-12-8 Show GitHub Exploit DB Packet Storm