Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232951 10 危険 WordPress.org - WordPress における脆弱性 CWE-noinfo
情報不足 		CVE-2006-4028 2012-12-20 18:02 2006-07-29 Show GitHub Exploit DB Packet Storm
232952 7.5 危険 Red Graphic Systems - SAPID CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-4026 2012-12-20 18:02 2006-08-8 Show GitHub Exploit DB Packet Storm
232953 7.5 危険 xennobb - XennoBB の profile.php における SQL インジェクションの脆弱性 - CVE-2006-4025 2012-12-20 18:02 2006-08-8 Show GitHub Exploit DB Packet Storm
232954 2.6 注意 scatterchat - ScatterChat の cryptographic モジュールにおける大量のメッセージのパターンを特定される脆弱性 - CVE-2006-4021 2012-12-20 18:02 2006-08-17 Show GitHub Exploit DB Packet Storm
232955 4.3 警告 toenda software development - toendaCMS stable および unstable の /toendaCMS におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4016 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
232956 5 警告 シマンテック - SBAS におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4014 2012-12-20 18:02 2006-07-27 Show GitHub Exploit DB Packet Storm
232957 7.6 危険 シマンテック - SBAS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-4013 2012-12-20 18:02 2006-07-27 Show GitHub Exploit DB Packet Storm
232958 5.1 警告 savewebportal - circeOS SaveWeb Portal における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4012 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
232959 7.5 危険 VWar - Vwar の war.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-4010 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
232960 4.3 警告 VWar - Vwar の war.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4009 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292981 - dell openmanage_server_administrator Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the … CWE-20
 Improper Input Validation  		CVE-2013-0740 2024-11-21 10:48 2014-04-11 Show GitHub Exploit DB Packet Storm
292982 - cartpauj mingle-forum Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to execute arbitrary SQL commands via the id parameter in a viewt… CWE-89
SQL Injection 		CVE-2013-0735 2024-11-21 10:48 2014-04-3 Show GitHub Exploit DB Packet Storm
292983 - tracker-software pdf-xchange_viewer Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-0729 2024-11-21 10:48 2014-04-3 Show GitHub Exploit DB Packet Storm
292984 - gpeasy gpeasy_cms Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and earlier allows remote attackers to inject arbitrary web script or HT… CWE-79
Cross-site Scripting 		CVE-2013-0807 2024-11-21 10:48 2014-03-29 Show GitHub Exploit DB Packet Storm
292985 - cartpauj mingle-forum Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words param… CWE-79
Cross-site Scripting 		CVE-2013-0734 2024-11-21 10:48 2014-03-29 Show GitHub Exploit DB Packet Storm
292986 - nuance pdf_reader Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming t… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-0732 2024-11-21 10:48 2014-03-28 Show GitHub Exploit DB Packet Storm
292987 - combodo itop Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML… CWE-79
Cross-site Scripting 		CVE-2013-0805 2024-11-21 10:48 2014-03-21 Show GitHub Exploit DB Packet Storm
292988 - ubuntu metal_as_a_service Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/. CWE-79
Cross-site Scripting 		CVE-2013-1070 2024-11-21 10:48 2014-02-18 Show GitHub Exploit DB Packet Storm
292989 - ubuntu metal_as_a_service Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1069 2024-11-21 10:48 2014-02-18 Show GitHub Exploit DB Packet Storm
292990 - novell identity_manager_roles_based_provisioning_module Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script… CWE-79
Cross-site Scripting 		CVE-2013-1096 2024-11-21 10:48 2013-12-28 Show GitHub Exploit DB Packet Storm