Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240431	7.5	危険	The PHP Group	-	BLOG:CMS の admin/plugins/NP_UserSharing.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6552	2012-09-25 15:36	2006-12-14	Show	GitHub Exploit DB Packet Storm

240432	4.3	警告	mlipod	-	Winamp iPod プラグインの read_aa.cpp におけるバッファオーバーフローの脆弱性	-	CVE-2006-6547	2012-09-25 15:36	2006-12-14	Show	GitHub Exploit DB Packet Storm

240433	7.5	危険	The PHP Group	-	mxBB 用の ErrorDocs における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6545	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240434	7.5	危険	IBM	-	IBM WebSphere Host On-Demand における認証を回避される脆弱性	-	CVE-2006-6537	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240435	4.3	警告	osCommerce	-	osCommerce におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6534	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240436	7.5	危険	osCommerce	-	osCommerce の admin/templates_boxes_layout.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6533	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240437	6.8	警告	kdpics	-	KDPics におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6517	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240438	7.5	危険	kdpics	-	KDPics における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6516	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240439	10	危険	Mantis	-	Mantis における脆弱性	-	CVE-2006-6515	2012-09-25 15:36	2006-12-13	Show	GitHub Exploit DB Packet Storm

240440	5.1	警告	OpenLDAP Foundation	-	OpenLDAP の servers/slapd/kerberos.c におけるバッファオーバーフローの脆弱性	-	CVE-2006-6493	2012-09-25 15:36	2006-12-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266671	7.5	HIGH Network	ibm	security_privileged_identity_manager_virtual_appliance	IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive information by lever…	CWE-310 Cryptographic Issues	CVE-2016-5957	2024-11-21 11:55	2016-09-26	Show	GitHub Exploit DB Packet Storm

266672	5.7	MEDIUM Network	ibm	tivoli_storage_productivity_center spectrum_control	IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.	CWE-20 Improper Input Validation	CVE-2016-5947	2024-11-21 11:55	2016-09-26	Show	GitHub Exploit DB Packet Storm

266673	6.5	MEDIUM Network	ibm	spectrum_control tivoli_storage_productivity_center	Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot…	CWE-200 Information Exposure	CVE-2016-5946	2024-11-21 11:55	2016-09-26	Show	GitHub Exploit DB Packet Storm

266674	4.3	MEDIUM Network	ibm	spectrum_control tivoli_storage_productivity_center	IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request.	CWE-284 Improper Access Control	CVE-2016-5945	2024-11-21 11:55	2016-09-26	Show	GitHub Exploit DB Packet Storm

266675	5.4	MEDIUM Network	ibm	spectrum_control tivoli_storage_productivity_center	Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary …	CWE-79 Cross-site Scripting	CVE-2016-5944	2024-11-21 11:55	2016-09-26	Show	GitHub Exploit DB Packet Storm

266676	5.4	MEDIUM Network	ibm	spectrum_control	IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properti…	CWE-284 Improper Access Control	CVE-2016-5943	2024-11-21 11:55	2016-09-26	Show	GitHub Exploit DB Packet Storm

266677	8.8	HIGH Local	moxa	active_opc_server	Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.	CWE-428 Unquoted Search Path or Element	CVE-2016-5793	2024-11-21 11:55	2016-09-24	Show	GitHub Exploit DB Packet Storm

266678	8.4	HIGH Local	redhat	quickstart_cloud_installer	The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determine cleartext passwords via a brute-force …	CWE-254 7PK - Security Features	CVE-2016-6340	2024-11-21 11:55	2016-09-23	Show	GitHub Exploit DB Packet Storm

266679	8.4	HIGH Local	redhat	quickstart_cloud_installer	Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-6322	2024-11-21 11:55	2016-09-23	Show	GitHub Exploit DB Packet Storm

266680	5.5	MEDIUM Local	artifex opensuse	mupdf leap opensuse	Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.	CWE-416 Use After Free	CVE-2016-6265	2024-11-21 11:55	2016-09-23	Show	GitHub Exploit DB Packet Storm