Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240381	5	警告	hotplug cms	-	HotPlug CMS における管理者用パスワードを読まれる脆弱性	-	CVE-2006-4772	2012-09-25 15:35	2006-09-13	Show	GitHub Exploit DB Packet Storm

240382	4.3	警告	jbc	-	ForumJBC の haut.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4771	2012-09-25 15:35	2006-09-13	Show	GitHub Exploit DB Packet Storm

240383	7.5	危険	miniportal	-	MiniPort@l の menu.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4770	2012-09-25 15:35	2006-09-13	Show	GitHub Exploit DB Packet Storm

240384	5	警告	ネットギア	-	NETGEAR DG834GT Wireless ADSL ルータにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4765	2012-09-25 15:35	2006-09-13	Show	GitHub Exploit DB Packet Storm

240385	7.5	危険	openbb	-	Open Bulletin Board (OpenBB) における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4722	2012-09-25 15:35	2006-09-12	Show	GitHub Exploit DB Packet Storm

240386	7.5	危険	mcgallery	-	mcGalleryPRO の random2.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4720	2012-09-25 15:35	2006-09-12	Show	GitHub Exploit DB Packet Storm

240387	5.1	警告	myabracadaweb	-	MyABraCaDaWeb における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4719	2012-09-25 15:35	2006-09-12	Show	GitHub Exploit DB Packet Storm

240388	6.8	警告	korviblog	-	KorviBlog の livre_or.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4718	2012-09-25 15:35	2006-09-12	Show	GitHub Exploit DB Packet Storm

240389	4.3	警告	NewsGator Technologies, Inc.	-	NewsGator FeedDemon におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4710	2012-09-25 15:35	2006-09-12	Show	GitHub Exploit DB Packet Storm

240390	6.8	警告	mybulletinboard	-	MyBB の admin/global.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4707	2012-09-25 15:35	2006-09-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267441	9.8	CRITICAL Network	php	php	Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2554	2024-11-21 11:48	2016-05-16	Show	GitHub Exploit DB Packet Storm

267442	9.8	CRITICAL Network	meteocontrol	web\'log_pro web\'log_pro_unlimited web\'log_basic_100 web\'log_light	Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.	CWE-200 Information Exposure	CVE-2016-2298	2024-11-21 11:48	2016-05-15	Show	GitHub Exploit DB Packet Storm

267443	9.4	CRITICAL Network	meteocontrol	web\'log_pro web\'log_pro_unlimited web\'log_basic_100 web\'log_light	Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature."	NVD-CWE-noinfo	CVE-2016-2297	2024-11-21 11:48	2016-05-15	Show	GitHub Exploit DB Packet Storm

267444	9.4	CRITICAL Network	meteocontrol	web\'log_pro web\'log_pro_unlimited web\'log_basic_100 web\'log_light	Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify dat…	CWE-254 7PK - Security Features	CVE-2016-2296	2024-11-21 11:48	2016-05-15	Show	GitHub Exploit DB Packet Storm

267445	6.5	MEDIUM Network	openafs debian	openafs debian_linux	The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups …	CWE-284 Improper Access Control	CVE-2016-2860	2024-11-21 11:48	2016-05-14	Show	GitHub Exploit DB Packet Storm

267446	7.5	HIGH Network	fedoraproject botan_project	fedora botan	Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.	CWE-20 Improper Input Validation	CVE-2016-2850	2024-11-21 11:48	2016-05-13	Show	GitHub Exploit DB Packet Storm

267447	7.5	HIGH Network	debian fedoraproject botan_project	debian_linux fedora botan	Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret ke…	CWE-200 Information Exposure	CVE-2016-2849	2024-11-21 11:48	2016-05-13	Show	GitHub Exploit DB Packet Storm

267448	9.8	CRITICAL Network	botan_project	botan	Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code v…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2196	2024-11-21 11:48	2016-05-13	Show	GitHub Exploit DB Packet Storm

267449	9.8	CRITICAL Network	botan_project debian	botan debian_linux	Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point,…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2195	2024-11-21 11:48	2016-05-13	Show	GitHub Exploit DB Packet Storm

267450	7.5	HIGH Network	debian botan_project	debian_linux botan	The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a c…	CWE-20 Improper Input Validation	CVE-2016-2194	2024-11-21 11:48	2016-05-13	Show	GitHub Exploit DB Packet Storm