Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232211 7.5 危険 phpcards - phpCards の phpcards.header.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5604 2012-12-20 18:02 2006-10-30 Show GitHub Exploit DB Packet Storm
232212 7.5 危険 Snitz - Snitz Forums 2000 の pop_mail.asp における SQL インジェクションの脆弱性 - CVE-2006-5603 2012-12-20 18:02 2006-10-30 Show GitHub Exploit DB Packet Storm
232213 4 警告 xsupplicant - xsupplicant におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5602 2012-12-20 18:02 2006-10-27 Show GitHub Exploit DB Packet Storm
232214 9 危険 xsupplicant - xsupplicant の eap.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2006-5601 2012-12-20 18:02 2006-10-27 Show GitHub Exploit DB Packet Storm
232215 4.3 警告 webgeneius - GOOP Gallery の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5598 2012-12-20 18:02 2006-10-27 Show GitHub Exploit DB Packet Storm
232216 7.5 危険 university of british columbia - University of British Columbia iPeer における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5594 2012-12-20 18:02 2006-10-27 Show GitHub Exploit DB Packet Storm
232217 5 警告 webasyst llc - Shop-Script の premium/index.php における CRLF インジェクションの脆弱性 - CVE-2006-5566 2012-12-20 18:02 2006-10-27 Show GitHub Exploit DB Packet Storm
232218 5 警告 Yahoo! - Yahoo! Messenger におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5563 2012-12-20 18:02 2006-10-27 Show GitHub Exploit DB Packet Storm
232219 7.5 危険 revilloc solutions - RevilloC MailServer におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2006-5552 2012-12-20 18:02 2006-10-26 Show GitHub Exploit DB Packet Storm
232220 7.5 危険 qksoft - QK SMTP におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-5551 2012-12-20 18:02 2006-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293821 - condor_project condor The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privil… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5390 2024-11-21 10:44 2014-06-6 Show GitHub Exploit DB Packet Storm
293822 - owncloud owncloud lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV. CWE-20
 Improper Input Validation  		CVE-2012-5336 2024-11-21 10:44 2014-06-4 Show GitHub Exploit DB Packet Storm
293823 - mediawiki mediawiki Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centrala… NVD-CWE-Other
CVE-2012-5395 2024-11-21 10:44 2014-06-3 Show GitHub Exploit DB Packet Storm
293824 - mediawiki mediawiki Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id. NVD-CWE-Other
CVE-2012-5391 2024-11-21 10:44 2014-06-3 Show GitHub Exploit DB Packet Storm
293825 - dancer dancer CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v… CWE-20
 Improper Input Validation  		CVE-2012-5572 2024-11-21 10:44 2014-05-30 Show GitHub Exploit DB Packet Storm
293826 - mate-desktop mate-settings-daemon The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5560 2024-11-21 10:44 2014-05-30 Show GitHub Exploit DB Packet Storm
293827 - theforeman foreman The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5477 2024-11-21 10:44 2014-05-8 Show GitHub Exploit DB Packet Storm
293828 - cisco ios Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug I… CWE-20
 Improper Input Validation  		CVE-2012-5427 2024-11-21 10:44 2014-04-23 Show GitHub Exploit DB Packet Storm
293829 - cisco ios
as5400_universal_gateway
as5400hpx_universal_gateway
as5400xm_media_gateway
as5400xm_universal_gateway 		Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009. NVD-CWE-noinfo
CVE-2012-5422 2024-11-21 10:44 2014-04-23 Show GitHub Exploit DB Packet Storm
293830 - horde groupware
kronolith_h4 		Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject… CWE-79
Cross-site Scripting 		CVE-2012-5567 2024-11-21 10:44 2014-04-6 Show GitHub Exploit DB Packet Storm