Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232311 4.3 警告 ztml - ezPortal/ztml CMS の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4500 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232312 7.5 危険 phpalbum.net - PortailPHP 用の PhpAlbum における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4498 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232313 2.1 注意 xbiff2 - xbiff2 におけるログイン資格情報などを重要な情報を取得される脆弱性 - CVE-2006-4493 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232314 7.5 危険 ultrize - MiniBill における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4489 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232315 4.3 警告 visualshapers - Visual Shapers ezContents の loginreq2.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4479 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232316 7.5 危険 visualshapers - Visual Shapers ezContents の headeruserdata.php における SQL インジェクションの脆弱性 - CVE-2006-4478 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232317 7.5 危険 visualshapers - Visual Shapers ezContents における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4477 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232318 7.5 危険 Simple Machines - SMF における任意のローカルファイルを読むディレクトリトラバーサル攻撃を実行される脆弱性 - CVE-2006-4467 2012-12-20 18:02 2006-08-19 Show GitHub Exploit DB Packet Storm
232319 6.4 警告 phpgroupware - phpGroupWare の calendar/inc/class.holidaycalc.inc.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4458 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
232320 7.5 危険 phpecard - phpECard の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4457 2012-12-20 18:02 2006-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293631 - freefloat freefloat_ftp_server Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-5106 2024-11-21 10:44 2014-06-21 Show GitHub Exploit DB Packet Storm
293632 - apereo phpcas phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle a… CWE-310
Cryptographic Issues 		CVE-2012-5583 2024-11-21 10:44 2014-06-6 Show GitHub Exploit DB Packet Storm
293633 - condor_project condor The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privil… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5390 2024-11-21 10:44 2014-06-6 Show GitHub Exploit DB Packet Storm
293634 - owncloud owncloud lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV. CWE-20
 Improper Input Validation  		CVE-2012-5336 2024-11-21 10:44 2014-06-4 Show GitHub Exploit DB Packet Storm
293635 - mediawiki mediawiki Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centrala… NVD-CWE-Other
CVE-2012-5395 2024-11-21 10:44 2014-06-3 Show GitHub Exploit DB Packet Storm
293636 - mediawiki mediawiki Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id. NVD-CWE-Other
CVE-2012-5391 2024-11-21 10:44 2014-06-3 Show GitHub Exploit DB Packet Storm
293637 - dancer dancer CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v… CWE-20
 Improper Input Validation  		CVE-2012-5572 2024-11-21 10:44 2014-05-30 Show GitHub Exploit DB Packet Storm
293638 - mate-desktop mate-settings-daemon The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5560 2024-11-21 10:44 2014-05-30 Show GitHub Exploit DB Packet Storm
293639 - theforeman foreman The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5477 2024-11-21 10:44 2014-05-8 Show GitHub Exploit DB Packet Storm
293640 - cisco ios Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug I… CWE-20
 Improper Input Validation  		CVE-2012-5427 2024-11-21 10:44 2014-04-23 Show GitHub Exploit DB Packet Storm