Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232601 6.8 警告 sergey oblomov - Total Commander 用の ISO プラグインの LoadTree などの関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-6837 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232602 7.5 危険 yrch - Yrch! の plugins/metasearch/plug.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6823 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
232603 7.5 危険 vladimir menshakov - Vladimir Menshakov buratinable templator の process.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6809 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
232604 6.8 警告 WordPress.org - WordPress の wp-admin/templates.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6808 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
232605 7.5 危険 softwebsnepal - Softwebs Nepal Ananda Real Estate の list.asp における SQL インジェクションの脆弱性 - CVE-2006-6807 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
232606 6.8 警告 sh-news - SH-News の misc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6801 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
232607 7.5 危険 The Cacti Group - Cacti における SQL インジェクションの脆弱性 - CVE-2006-6799 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
232608 7.5 危険 PHP Outburst - UPB の chat/login.php における任意の PHP コードを挿入される脆弱性 - CVE-2006-6790 2012-12-20 18:02 2006-12-27 Show GitHub Exploit DB Packet Storm
232609 7.5 危険 phpbbxtra - Phpbbxtra の includes/archive/archive_topic.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6789 2012-12-20 18:02 2006-12-27 Show GitHub Exploit DB Packet Storm
232610 6.8 警告 timberwolf - TimberWolf の shownews.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6778 2012-12-20 18:02 2006-12-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294051 - redhat
canonical
opensuse 		icedtea-web
ubuntu_linux
opensuse 		The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR." NVD-CWE-noinfo
CVE-2013-1927 2024-11-21 10:50 2013-04-30 Show GitHub Exploit DB Packet Storm
294052 - redhat
canonical
opensuse 		icedtea-web
ubuntu_linux
opensuse 		The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensi… NVD-CWE-noinfo
CVE-2013-1926 2024-11-21 10:50 2013-04-30 Show GitHub Exploit DB Packet Storm
294053 - gnu glibc Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (cra… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1914 2024-11-21 10:50 2013-04-30 Show GitHub Exploit DB Packet Storm
294054 - linux
redhat 		linux_kernel
enterprise_linux
enterprise_mrg 		The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers … CWE-399
 Resource Management Errors 		CVE-2013-2015 2024-11-21 10:50 2013-04-29 Show GitHub Exploit DB Packet Storm
294055 - linux
redhat 		linux_kernel
enterprise_linux 		The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive… CWE-200
Information Exposure 		CVE-2013-1928 2024-11-21 10:50 2013-04-29 Show GitHub Exploit DB Packet Storm
294056 - xmlsoft libxml2 Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v… CWE-399
 Resource Management Errors 		CVE-2013-1969 2024-11-21 10:50 2013-04-26 Show GitHub Exploit DB Packet Storm
294057 - blinkwebeffects social-media-widget Social Media Widget (social-media-widget) plugin 4.0 for WordPress contains an externally introduced modification (Trojan Horse), which allows remote attackers to force the upload of arbitrary files. NVD-CWE-noinfo
CVE-2013-1949 2024-11-21 10:50 2013-04-26 Show GitHub Exploit DB Packet Storm
294058 - rob_westgeest md2pdf converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. NVD-CWE-noinfo
CVE-2013-1948 2024-11-21 10:50 2013-04-26 Show GitHub Exploit DB Packet Storm
294059 - kelly_d._redding kelredd-pruview kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_imag… CWE-78
OS Command  		CVE-2013-1947 2024-11-21 10:50 2013-04-26 Show GitHub Exploit DB Packet Storm
294060 - documentcloud karteek-docsplit The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shel… CWE-78
OS Command  		CVE-2013-1933 2024-11-21 10:50 2013-04-26 Show GitHub Exploit DB Packet Storm