Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240361	4.3	警告	jupiter cms	-	Jupiter CMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4874	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240362	5	警告	jupiter cms	-	Jupiter CMS における重要な情報を取得される脆弱性	-	CVE-2006-4873	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240363	7.5	危険	keyvan1	-	Keyvan1 ECardPro の search.asp における SQL インジェクションの脆弱性	-	CVE-2006-4872	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240364	7.5	危険	keyvan1	-	Keyvan1 EShoppingPro の search_run.asp における SQL インジェクションの脆弱性	-	CVE-2006-4871	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240365	7.5	危険	perlunity	-	phpunity.postcard の phpunity-postcard.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4869	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240366	7.5	危険	mohammed mehdi panjwani	-	Mohammed Mehdi Panjwani Complain Center の loginprocess.asp における SQL インジェクションの脆弱性	-	CVE-2006-4861	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240367	10	危険	limbo cms	-	Limbo CMS の index.php などにおける脆弱性	-	CVE-2006-4860	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240368	7.5	危険	limbo cms	-	Limbo CMS の contact コンポーネントにおける images/contact フォルダへ PHP コードをアップロードされる脆弱性	-	CVE-2006-4859	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240369	6.8	警告	mamboxchange	-	Mambo 用の serverstat コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4858	2012-09-25 15:35	2006-09-19	Show	GitHub Exploit DB Packet Storm

240370	7.5	危険	haberx	-	Haberx の kategorix.asp における SQL インジェクションの脆弱性	-	CVE-2006-4853	2012-09-25 15:35	2006-09-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267591	8.8	HIGH Network	oracle mozilla suse opensuse sil	linux firefox linux_enterprise leap opensuse graphite2	The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2797	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267592	8.8	HIGH Network	sil suse opensuse oracle mozilla	graphite2 linux_enterprise leap opensuse linux firefox	Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attack…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2796	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267593	8.8	HIGH Network	suse opensuse oracle mozilla sil	linux_enterprise leap opensuse linux firefox graphite2	The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data …	CWE-19 Data Processing Errors	CVE-2016-2795	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267594	8.8	HIGH Network	mozilla sil suse opensuse oracle	firefox graphite2 linux_enterprise leap opensuse linux	The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a de…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2794	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267595	8.8	HIGH Network	oracle mozilla sil suse opensuse	linux firefox graphite2 linux_enterprise leap opensuse	CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2793	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267596	8.8	HIGH Network	sil mozilla oracle suse opensuse	graphite2 firefox linux linux_enterprise leap opensuse	The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of ser…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2792	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267597	8.8	HIGH Network	suse opensuse mozilla oracle sil	linux_enterprise leap opensuse firefox linux graphite2	The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (bu…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2791	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267598	8.8	HIGH Network	suse opensuse mozilla sil oracle	linux_enterprise leap opensuse firefox graphite2 linux	The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data s…	CWE-19 Data Processing Errors	CVE-2016-2790	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

267599	5.9	MEDIUM Network	isc debian canonical	dhcp debian_linux ubuntu_linux	ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertio…	CWE-20 Improper Input Validation	CVE-2016-2774	2024-11-21 11:48	2016-03-10	Show	GitHub Exploit DB Packet Storm

267600	5.3	MEDIUM Network	google	chrome	The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623.75, does not ignore a URL's path component in the case of a ServiceWorker fetch, which allows remo…	CWE-200 Information Exposure	CVE-2016-2845	2024-11-21 11:48	2016-03-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed