Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240501	5	警告	patrick michaelis	-	Patrick Michaelis Wili-CMS における重要な情報を取得される脆弱性	-	CVE-2006-4989	2012-09-25 15:36	2006-09-25	Show	GitHub Exploit DB Packet Storm

240502	4.3	警告	patrick michaelis	-	Patrick Michaelis Wili-CMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4988	2012-09-25 15:36	2006-09-25	Show	GitHub Exploit DB Packet Storm

240503	7.5	危険	patrick michaelis	-	Patrick Michaelis Wili-CMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4987	2012-09-25 15:36	2006-09-25	Show	GitHub Exploit DB Packet Storm

240504	5	警告	John Lim	-	PHP 用の John Lim ADOdb Library 内の Date Library における重要な情報を取得される脆弱性	-	CVE-2006-4976	2012-09-25 15:36	2006-09-24	Show	GitHub Exploit DB Packet Storm

240505	7.5	危険	Ipswitch, Inc.	-	Ipswitch WS_FTP LE におけるバッファオーバーフローの脆弱性	-	CVE-2006-4974	2012-09-25 15:36	2006-09-24	Show	GitHub Exploit DB Packet Storm

240506	5.1	警告	mybulletinboard	-	MyBB の archive/index.php/forum-4.html におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4972	2012-09-25 15:36	2006-09-24	Show	GitHub Exploit DB Packet Storm

240507	5	警告	mybulletinboard	-	MyBB における重要な情報を取得される脆弱性	-	CVE-2006-4971	2012-09-25 15:36	2006-09-24	Show	GitHub Exploit DB Packet Storm

240508	6.8	警告	nextage	-	NextAge Cart におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4967	2012-09-25 15:36	2006-09-24	Show	GitHub Exploit DB Packet Storm

240509	6.8	警告	neosys	-	Java 用の Neon WebMail におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4956	2012-09-25 15:36	2006-09-23	Show	GitHub Exploit DB Packet Storm

240510	5	警告	neosys	-	Java 用の Neon WebMail におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4955	2012-09-25 15:36	2006-09-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268781	8.8	HIGH Network	add_from_server_project	add_from_server	The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file.	CWE-352 Origin Validation Error	CVE-2016-10914	2024-11-21 11:45	2019-08-21	Show	GitHub Exploit DB Packet Storm

268782	6.1	MEDIUM Network	joomunited	wp_latest_posts	The wp-latest-posts plugin before 3.7.5 for WordPress has XSS.	CWE-79 Cross-site Scripting	CVE-2016-10913	2024-11-21 11:45	2019-08-21	Show	GitHub Exploit DB Packet Storm

268783	6.1	MEDIUM Network	crayon_syntax_highlighter_project	crayon_syntax_highlighter	The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests.	CWE-79 Cross-site Scripting	CVE-2016-10893	2024-11-21 11:45	2019-08-21	Show	GitHub Exploit DB Packet Storm

268784	7.8	HIGH Local	linux	linux_kernel	An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt.	CWE-787 Out-of-bounds Write	CVE-2016-10907	2024-11-21 11:45	2019-08-19	Show	GitHub Exploit DB Packet Storm

268785	7.0	HIGH Local	linux	linux_kernel	An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.	CWE-362 CWE-416 Race Condition Use After Free	CVE-2016-10906	2024-11-21 11:45	2019-08-19	Show	GitHub Exploit DB Packet Storm

268786	7.8	HIGH Local	linux	linux_kernel	An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry.	CWE-416 Use After Free	CVE-2016-10905	2024-11-21 11:45	2019-08-19	Show	GitHub Exploit DB Packet Storm

268787	9.8	CRITICAL Network	olimometer_project	olimometer	The olimometer plugin before 2.57 for WordPress has SQL injection.	CWE-89 SQL Injection	CVE-2016-10904	2024-11-21 11:45	2019-08-16	Show	GitHub Exploit DB Packet Storm

268788	4.6	MEDIUM Physics	xtrlock_project debian	xtrlock debian_linux	xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrol…	CWE-254 7PK - Security Features	CVE-2016-10894	2024-11-21 11:45	2019-08-16	Show	GitHub Exploit DB Packet Storm

268789	5.9	MEDIUM Network	jetstar	jetstar	Jetstar App for iOS before 3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific…	CWE-295 Improper Certificate Validation	CVE-2016-1221	2024-11-21 11:45	2017-04-22	Show	GitHub Exploit DB Packet Storm

268790	5.9	MEDIUM Network	the_hyakugo_bank	105_bank	The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informatio…	CWE-295 Improper Certificate Validation	CVE-2016-1210	2024-11-21 11:45	2017-04-22	Show	GitHub Exploit DB Packet Storm