Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240171 10 危険 Neocrome - Neocrome LDU の system/core/profile/profile.inc.php における SQL インジェクションの脆弱性 - CVE-2006-6268 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240172 6.8 警告 マイクロソフト - Teredo クライアントにおける第三者へパケットを送信する脆弱性 - CVE-2006-6266 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240173 5.8 警告 マイクロソフト - Teredo クライアントにおけるインバウンド接続を確立される脆弱性 - CVE-2006-6265 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240174 7.5 危険 マイクロソフト - Teredo におけるイントラネットのホストへ IPv4 トラフィックを送信される脆弱性 - CVE-2006-6264 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240175 6.8 警告 マイクロソフト - Teredo クライアントにおける特定のインターネットゲートウェイのポリシーを回避される脆弱性 - CVE-2006-6263 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240176 7.5 危険 nukeai - NukeAI モジュールの util.php における任意の PHP コードをアップロードされる脆弱性 - CVE-2006-6255 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240177 4.3 警告 マイクロソフト - Microsoft Windows Live Messenger におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6252 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240178 7.5 危険 photo organizer - Photo Organizer における許可されないアクセス権を取得される脆弱性 - CVE-2006-6246 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240179 7.5 危険 photo organizer - Photo Organizer における SQL インジェクションの脆弱性 - CVE-2006-6245 2012-09-25 15:36 2006-12-4 Show GitHub Exploit DB Packet Storm
240180 7.5 危険 MailEnable - MailEnbale NetWebAdmin の Webadmin における空のパスワードを認証される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2006-6239 2012-09-25 15:36 2006-12-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
286741 7.5 HIGH
Network 		wp-db-backup_project wp-db-backup The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack. CWE-200
Information Exposure 		CVE-2014-10076 2024-11-21 11:03 2018-10-5 Show GitHub Exploit DB Packet Storm
286742 9.8 CRITICAL
Network 		karo_project karo The karo gem 2.3.8 for Ruby allows Remote command injection via the host field. CWE-77
Command Injection 		CVE-2014-10075 2024-11-21 11:03 2018-10-5 Show GitHub Exploit DB Packet Storm
286743 9.8 CRITICAL
Network 		umbraco umbraco_cms Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2014-10074 2024-11-21 11:03 2018-08-27 Show GitHub Exploit DB Packet Storm
286744 7.5 HIGH
Network 		fancy-server_project fancy-server Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. CWE-22
Path Traversal 		CVE-2014-10066 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
286745 6.1 MEDIUM
Network 		remarkable_project remarkable Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content. CWE-79
Cross-site Scripting 		CVE-2014-10065 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
286746 7.5 HIGH
Network 		qs_project qs The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of t… CWE-399
 Resource Management Errors 		CVE-2014-10064 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
286747 7.5 HIGH
Network 		hapi inert The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false. CWE-22
Path Traversal 		CVE-2014-10068 2024-11-21 11:03 2018-05-30 Show GitHub Exploit DB Packet Storm
286748 5.9 MEDIUM
Network 		paypal-ipn_project paypal-ipn paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox. With a bit of time, an attack… CWE-287
Improper Authentication 		CVE-2014-10067 2024-11-21 11:03 2018-05-30 Show GitHub Exploit DB Packet Storm
286749 7.1 HIGH
Network 		ibm rational_clearquest Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rationa… CWE-611
XXE 		CVE-2014-0950 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
286750 9.1 CRITICAL
Network 		ibm rational_clearcase Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) C… CWE-611
XXE 		CVE-2014-0931 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm