Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240311	5	警告	paul smith computer services	-	Paul Smith Computer Service vCAP におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5034	2012-09-25 15:36	2006-09-27	Show	GitHub Exploit DB Packet Storm

240312	5	警告	paul smith computer services	-	Paul Smith Computer Services vCAP の StoresAndCalendarsList.cgi におけるサービス運用妨害 (Dos) の脆弱性	-	CVE-2006-5033	2012-09-25 15:36	2006-09-27	Show	GitHub Exploit DB Packet Storm

240313	5	警告	jeroen vennegoor	-	Jeroen Vennegoor JevonCMS における重要な情報を取得される脆弱性	-	CVE-2006-5027	2012-09-25 15:36	2006-09-27	Show	GitHub Exploit DB Packet Storm

240314	10	危険	paisterist	-	Paisterist sHTTPScanner における脆弱性	-	CVE-2006-5026	2012-09-25 15:36	2006-09-27	Show	GitHub Exploit DB Packet Storm

240315	10	危険	paisterist	-	Paisterist sHTTPScanner における脆弱性	-	CVE-2006-5025	2012-09-25 15:36	2006-09-27	Show	GitHub Exploit DB Packet Storm

240316	10	危険	paisterist	-	Paisterist sHTTPScanner における脆弱性	-	CVE-2006-5024	2012-09-25 15:36	2006-09-27	Show	GitHub Exploit DB Packet Storm

240317	7.5	危険	kietu	-	Kietu の hit.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5015	2012-09-25 15:36	2006-09-26	Show	GitHub Exploit DB Packet Storm

240318	5	警告	Ipswitch, Inc.	-	WS_FTP Server の log analyzer における Files などのタブに特定の重要情報の表示を妨害される脆弱性	CWE-DesignError CWE-noinfo	CVE-2006-5001	2012-09-25 15:36	2006-09-26	Show	GitHub Exploit DB Packet Storm

240319	6.5	警告	Ipswitch, Inc.	-	WS_FTP Server におけるバッファオーバーフローの脆弱性	-	CVE-2006-5000	2012-09-25 15:36	2006-09-14	Show	GitHub Exploit DB Packet Storm

240320	10	危険	Joomla!	-	Joomla! 用の JoomlaLib における脆弱性	-	CVE-2006-4996	2012-09-25 15:36	2006-07-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285531	-	edinburghtour	edinburgh_by_bus	The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage reso…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1886	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285532	-	hsgroup	forzearmate	The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-s…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1885	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285533	-	apache adobe	cordova phonegap	Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-reso…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1884	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285534	-	adobe	phonegap	Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resour…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1883	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285535	-	adobe apache	phonegap cordova	Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1882	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285536	-	apache adobe	cordova phonegap	Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1881	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285537	-	synology	diskstation_manager	The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session.	CWE-255 CWE-200 Credentials Management Information Exposure	CVE-2014-2264	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285538	-	cmsmadesimple	cms_made_simple	Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action param…	CWE-79 Cross-site Scripting	CVE-2014-2092	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285539	-	atutor	atutor	Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admin/forum_add.php in ATutor 2.1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the title p…	CWE-79 Cross-site Scripting	CVE-2014-2091	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm

285540	-	ilias	ilias	Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ILIAS 4.4.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tar, (2) tar_val, or (3) title para…	CWE-79 Cross-site Scripting	CVE-2014-2090	2024-11-21 11:05	2014-03-3	Show	GitHub Exploit DB Packet Storm