Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232201	7.5	危険	plx web studio	-	plx Web Studio plx Pay の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6392	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232202	6.8	警告	positive software	-	Positive Software H-Sphere のコントロールパネルにおける任意のファイルにログデータを追加される脆弱性	-	CVE-2006-6382	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232203	7.5	危険	ultimate helpdesk	-	Ultimate HelpDesk の getfile.asp におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6381	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232204	6.8	警告	ultimate helpdesk	-	Ultimate HelpDesk の index.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6380	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232205	7.5	危険	widcomm	-	BTSaveMySql における設定情報を取得される脆弱性	-	CVE-2006-6378	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232206	7.5	危険	uploadscript	-	Uploadscript における admin パスワードハッシュを取得される脆弱性	-	CVE-2006-6377	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232207	6.8	警告	Simple Machines	-	SMF の display.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6375	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232208	7.5	危険	The phpMyAdmin Project	-	PhpMyAdmin における CRLF インジェクションの脆弱性	-	CVE-2006-6374	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232209	5	警告	The phpMyAdmin Project	-	PhpMyAdmin における重要な情報を取得される脆弱性	-	CVE-2006-6373	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

232210	7.5	危険	sergey korostel	-	PHP Upload Center の activate.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6360	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291821	-	john_nunemaker	httparty	The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or ca…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1801	2024-11-21 10:50	2013-04-10	Show	GitHub Exploit DB Packet Storm

291822	-	john_nunemaker	crack	The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1800	2024-11-21 10:50	2013-04-10	Show	GitHub Exploit DB Packet Storm

291823	-	freedesktop	poppler	poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar fun…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2013-1790	2024-11-21 10:50	2013-04-10	Show	GitHub Exploit DB Packet Storm

291824	-	freedesktop	poppler	splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransfor…	NVD-CWE-Other	CVE-2013-1789	2024-11-21 10:50	2013-04-10	Show	GitHub Exploit DB Packet Storm

291825	-	freedesktop	poppler	poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Spl…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2013-1788	2024-11-21 10:50	2013-04-10	Show	GitHub Exploit DB Packet Storm

291826	-	apple todd_miller	mac_os_x sudo	sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions t…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1776	2024-11-21 10:50	2013-04-9	Show	GitHub Exploit DB Packet Storm

291827	-	linux	linux_kernel	The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by ca…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1858	2024-11-21 10:50	2013-04-6	Show	GitHub Exploit DB Packet Storm

291828	-	postgresql	postgresql	PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graph…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1903	2024-11-21 10:50	2013-04-5	Show	GitHub Exploit DB Packet Storm

291829	-	postgresql	postgresql	PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecif…	NVD-CWE-Other	CVE-2013-1902	2024-11-21 10:50	2013-04-5	Show	GitHub Exploit DB Packet Storm

291830	-	postgresql canonical	postgresql ubuntu_linux	PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1901	2024-11-21 10:50	2013-04-5	Show	GitHub Exploit DB Packet Storm