Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
237521 7.5 危険 wowroster - WoWRoster の conf.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3998 2012-12-20 18:02 2006-07-17 Show GitHub Exploit DB Packet Storm
237522 7.5 危険 wowroster - WoWRoster の hsList.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3997 2012-12-20 18:02 2006-07-17 Show GitHub Exploit DB Packet Storm
237523 6.8 警告 user home pages - Mambo または Joomla! 用の User Home Pages コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-3995 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237524 7.5 危険 xmb software - XMB の u2u.inc.php における SQL インジェクションの脆弱性 - CVE-2006-3994 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237525 5.1 警告 tsep - Olaf Noehring TSEP の copyright.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3993 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237526 7.5 危険 voc-project - Cisco Unified Wireless IP Phone 7921 における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3991 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237527 7.5 危険 phpsavant - Paul M. Jones Savant2 における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3990 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237528 5 警告 scott weedon - Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-3972 2012-12-20 18:02 2006-08-2 Show GitHub Exploit DB Packet Storm
237529 6.8 警告 scott weedon - Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3971 2012-12-20 18:02 2006-08-2 Show GitHub Exploit DB Packet Storm
237530 5 警告 サン・マイクロシステムズ - Sun Solaris 10 3/05 HW2 の暗号化プロバイダにおけるアプリケーションがデータ変更を検出しない脆弱性 - CVE-2006-3968 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3521 6.5 MEDIUM
Network
gitlab gitlab GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authe… CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2026-1500 2026-06-15 10:46 2026-06-11 Show GitHub Exploit DB Packet Storm
3522 4.3 MEDIUM
Network
gitlab gitlab GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause den… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames
CVE-2026-10733 2026-06-15 10:46 2026-06-11 Show GitHub Exploit DB Packet Storm
3523 8.7 HIGH
Network
gitlab gitlab GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authentic… CWE-79
Cross-site Scripting
CVE-2026-10087 2026-06-15 10:46 2026-06-11 Show GitHub Exploit DB Packet Storm
3524 5.3 MEDIUM
Local
- - A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The a… CWE-266
CWE-275
 Incorrect Privilege Assignment
 Permission Issues
CVE-2026-12201 2026-06-15 10:16 2026-06-15 Show GitHub Exploit DB Packet Storm
3525 7.3 HIGH
Network
- - A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipu… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow
CVE-2026-12200 2026-06-15 10:16 2026-06-15 Show GitHub Exploit DB Packet Storm
3526 7.3 HIGH
Network
- - A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint. Executing a manipulation of… CWE-22
Path Traversal
CVE-2026-12198 2026-06-15 09:16 2026-06-15 Show GitHub Exploit DB Packet Storm
3527 7.2 HIGH
Network
- - A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Perform… CWE-74
CWE-77
Injection
Command Injection
CVE-2026-12197 2026-06-15 09:16 2026-06-15 Show GitHub Exploit DB Packet Storm
3528 7.8 HIGH
Local
- - A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipula… CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error') 
Heap-based Buffer Overflow
CVE-2026-12193 2026-06-15 09:16 2026-06-15 Show GitHub Exploit DB Packet Storm
3529 8.8 HIGH
Adjacent
- - A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow
CVE-2026-12192 2026-06-15 09:16 2026-06-15 Show GitHub Exploit DB Packet Storm
3530 5.3 MEDIUM
Network
- - Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versi… CWE-916
 Use of Password Hash With Insufficient Computational Effort
CVE-2026-9641 2026-06-15 00:16 2026-06-13 Show GitHub Exploit DB Packet Storm