Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233011 5.1 警告 phpBB - phpBB 用の Nivisec Static Topics モジュールにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-5191 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
233012 5 警告 webgeneius - webGENEius GOOP Gallery の download.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5188 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
233013 5.1 警告 phpmyprofiler - phpMyProfiler の functions.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5186 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
233014 7.5 危険 pkr internet - PKR Internet Taskjitsu における SQL インジェクションの脆弱性 - CVE-2006-5184 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
233015 5.1 警告 powerportal - John Himmelman PowerPortal におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5169 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
233016 4.3 警告 Pebble - Simon Brown Pebble の検索機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-5168 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
233017 5.1 警告 skrypty - Skrypty PPA Gallery の inc/functions.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5165 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
233018 6.8 警告 sum effect software - Sum Effect Software digiSHOP の cart.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5164 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
233019 5.1 警告 トレンドマイクロ - TrendMicro OSCE の ActiveX コントロールにおけるフォーマットストリングの脆弱性 - CVE-2006-5157 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
233020 7.5 危険 videodb - VideoDB の core/pdf.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5155 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293201 7.5 HIGH
Network 		tp-link tl-sc_3130_firmware
tl-sc_3130g_firmware
tl-sc_3171g_firmware
tl-sc_4171g_firmware 		A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, whic… CWE-798
 Use of Hard-coded Credentials 		CVE-2013-2572 2024-11-21 10:51 2020-01-30 Show GitHub Exploit DB Packet Storm
293202 9.8 CRITICAL
Network 		zavio f3105_firmware
f312a_firmware 		A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remov… CWE-78
OS Command  		CVE-2013-2570 2024-11-21 10:51 2020-01-30 Show GitHub Exploit DB Packet Storm
293203 7.5 HIGH
Network 		zavio f3105_firmware
f312a_firmware 		A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access t… CWE-287
Improper Authentication 		CVE-2013-2569 2024-11-21 10:51 2020-01-30 Show GitHub Exploit DB Packet Storm
293204 9.8 CRITICAL
Network 		zavio f3105_firmware
f312a_firmware 		A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code. CWE-78
OS Command  		CVE-2013-2568 2024-11-21 10:51 2020-01-30 Show GitHub Exploit DB Packet Storm
293205 7.5 HIGH
Network 		zavio f3105_firmware
f312a_firmware 		An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sen… CWE-798
 Use of Hard-coded Credentials 		CVE-2013-2567 2024-11-21 10:51 2020-01-30 Show GitHub Exploit DB Packet Storm
293206 9.8 CRITICAL
Network 		hcomm xpient_iris Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the… CWE-20
 Improper Input Validation  		CVE-2013-2571 2024-11-21 10:51 2020-01-29 Show GitHub Exploit DB Packet Storm
293207 7.5 HIGH
Network 		simplehrm simplehrm SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie. CWE-200
Information Exposure 		CVE-2013-2499 2024-11-21 10:51 2020-01-28 Show GitHub Exploit DB Packet Storm
293208 7.5 HIGH
Network 		aws-dms aws_xms Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. CWE-22
Path Traversal 		CVE-2013-2474 2024-11-21 10:51 2020-01-28 Show GitHub Exploit DB Packet Storm
293209 7.2 HIGH
Network 		fudforum fudforum PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. CWE-94
Code Injection 		CVE-2013-2267 2024-11-21 10:51 2020-01-28 Show GitHub Exploit DB Packet Storm
293210 7.1 HIGH
Local 		monkey-project monkey Monkey HTTP Daemon has local security bypass CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2013-2183 2024-11-21 10:51 2019-12-11 Show GitHub Exploit DB Packet Storm