Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240111 4.3 警告 オラクル - Oracle Portal の PORTAL.wwv_main.render_warning_screen におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1506 2012-09-25 16:47 2007-03-19 Show GitHub Exploit DB Packet Storm
240112 9.3 危険 マカフィー - McAfee ePO などの製品におけるスタックベースのオーバーフローの脆弱性 - CVE-2007-1498 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240113 6.8 警告 nukescripts - NukeSentinel におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1494 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240114 7.5 危険 nukescripts - NukeSentinel の nukesentinel.php における任意の SQL コマンドを実行される脆弱性 - CVE-2007-1493 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240115 7.1 危険 マイクロソフト - Microsoft Windows XP の winmm.dll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1492 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240116 7.5 危険 k5n.us - WebCalendar における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1483 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240117 4.3 警告 liqua - WBBlog の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1482 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240118 5 警告 mcgallery - McGallery の download.php におけるスクリプトソースコードを取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-1478 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240119 5.4 警告 The PHP Group - PHP の interbase エクステンションにおけるバッファオーバーフローの脆弱性 - CVE-2007-1475 2012-09-25 16:47 2007-03-16 Show GitHub Exploit DB Packet Storm
240120 6.8 警告 Horde - Horde Project Horde における任意のファイルを削除される脆弱性 - CVE-2007-1474 2012-09-25 16:47 2007-03-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268271 4.3 MEDIUM
Network 		mozilla firefox Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL. CWE-20
 Improper Input Validation  		CVE-2016-5251 2024-11-21 11:53 2016-08-5 Show GitHub Exploit DB Packet Storm
268272 4.3 MEDIUM
Network 		mozilla firefox Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls. CWE-200
Information Exposure 		CVE-2016-5250 2024-11-21 11:53 2016-08-5 Show GitHub Exploit DB Packet Storm
268273 6.1 MEDIUM
Network 		nofollow_links_project nofollow_links Cross-site scripting (XSS) vulnerability in the Nofollow Links plugin before 1.0.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2016-4833 2024-11-21 11:53 2016-08-3 Show GitHub Exploit DB Packet Storm
268274 9.8 CRITICAL
Network 		atlassian bamboo Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not properly restrict permitted deserialized classes, which allows remote attackers to execute arbitrary code via vectors related to X… CWE-284
Improper Access Control 		CVE-2016-5229 2024-11-21 11:53 2016-08-3 Show GitHub Exploit DB Packet Storm
268275 8.8 HIGH
Network 		google chrome Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffe… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-5138 2024-11-21 11:53 2016-08-1 Show GitHub Exploit DB Packet Storm
268276 9.8 CRITICAL
Network 		ec-cube discount_coupon SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2016-4837 2024-11-21 11:53 2016-08-1 Show GitHub Exploit DB Packet Storm
268277 8.1 HIGH
Network 		vtiger vtiger_crm modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does not properly restrict user-save actions, which allows remote authenticated users to create or modify user accounts via unspecified … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-4834 2024-11-21 11:53 2016-08-1 Show GitHub Exploit DB Packet Storm
268278 4.8 MEDIUM
Network 		apache archiva Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter… CWE-79
Cross-site Scripting 		CVE-2016-5005 2024-11-21 11:53 2016-07-29 Show GitHub Exploit DB Packet Storm
268279 8.8 HIGH
Network 		google chrome Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or po… CWE-416
 Use After Free 		CVE-2016-5136 2024-11-21 11:53 2016-07-24 Show GitHub Exploit DB Packet Storm
268280 4.3 MEDIUM
Network 		google chrome The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does no… CWE-200
Information Exposure 		CVE-2016-5137 2024-11-21 11:53 2016-07-24 Show GitHub Exploit DB Packet Storm