Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240231 7.5 危険 kubix - Kubix の includes/functions.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-7116 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240232 6 警告 MAXDev - MD-Pro の error.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-7112 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240233 7.5 危険 Mambo Foundation - Mambo 用の MOStlyCE コンポーネントの htmltemplate.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-7104 2012-09-25 15:36 2007-03-3 Show GitHub Exploit DB Packet Storm
240234 7.5 危険 matthias dietrich - phpBurningPortal quiz-modul における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-7102 2012-09-25 15:36 2007-03-3 Show GitHub Exploit DB Packet Storm
240235 10 危険 klink - dim3 の host.c におけるバッファオーバーフローの脆弱性 - CVE-2006-7096 2012-09-25 15:36 2007-03-2 Show GitHub Exploit DB Packet Storm
240236 10 危険 klink - dim3 の socket.c における整数符号エラーの脆弱性 - CVE-2006-7095 2012-09-25 15:36 2007-03-2 Show GitHub Exploit DB Packet Storm
240237 5.8 警告 mamboxchange - Mambo LaiThai Security Patch におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-7093 2012-09-25 15:36 2007-03-2 Show GitHub Exploit DB Packet Storm
240238 7.5 危険 mamboxchange - Mambo LaiThai の includes/mambo.php における SQL インジェクションの脆弱性 - CVE-2006-7092 2012-09-25 15:36 2007-03-2 Show GitHub Exploit DB Packet Storm
240239 7.5 危険 hinton design - phpht Topsites FREE における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7091 2012-09-25 15:36 2007-03-2 Show GitHub Exploit DB Packet Storm
240240 4.3 警告 hot links - Hot Links の dlback.php スクリプトにおける重要な情報を取得される脆弱性 - CVE-2006-7086 2012-09-25 15:36 2007-03-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267071 9.8 CRITICAL
Network 		oracle
imagemagick 		solaris
imagemagick 		The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixe… CWE-20
 Improper Input Validation  		CVE-2016-5691 2024-11-21 11:54 2016-12-14 Show GitHub Exploit DB Packet Storm
267072 9.8 CRITICAL
Network 		oracle
imagemagick 		solaris
imagemagick 		The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing th… CWE-476
 NULL Pointer Dereference 		CVE-2016-5690 2024-11-21 11:54 2016-12-14 Show GitHub Exploit DB Packet Storm
267073 9.8 CRITICAL
Network 		oracle
imagemagick 		solaris
imagemagick 		The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. CWE-476
 NULL Pointer Dereference 		CVE-2016-5689 2024-11-21 11:54 2016-12-14 Show GitHub Exploit DB Packet Storm
267074 8.1 HIGH
Network 		oracle
imagemagick 		solaris
imagemagick 		The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-va… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-5688 2024-11-21 11:54 2016-12-14 Show GitHub Exploit DB Packet Storm
267075 9.8 CRITICAL
Network 		imagemagick
oracle 		imagemagick
solaris 		The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-b… CWE-125
Out-of-bounds Read 		CVE-2016-5687 2024-11-21 11:54 2016-12-14 Show GitHub Exploit DB Packet Storm
267076 7.1 HIGH
Network 		debian
postgresql 		debian_linux
postgresql 		PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain supe… CWE-94
Code Injection 		CVE-2016-5424 2024-11-21 11:54 2016-12-10 Show GitHub Exploit DB Packet Storm
267077 8.3 HIGH
Network 		debian
postgresql 		debian_linux
postgresql 		PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference … CWE-476
 NULL Pointer Dereference 		CVE-2016-5423 2024-11-21 11:54 2016-12-10 Show GitHub Exploit DB Packet Storm
267078 5.9 MEDIUM
Network 		google android The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed … CWE-284
Improper Access Control 		CVE-2016-5341 2024-11-21 11:54 2016-12-6 Show GitHub Exploit DB Packet Storm
267079 8.8 HIGH
Network 		dell idrac7_firmware
idrac8_firmware 		Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection. CWE-74
Injection 		CVE-2016-5685 2024-11-21 11:54 2016-11-30 Show GitHub Exploit DB Packet Storm
267080 8.8 HIGH
Network 		apache hadoop In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service. CWE-284
Improper Access Control 		CVE-2016-5393 2024-11-21 11:54 2016-11-29 Show GitHub Exploit DB Packet Storm