Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240511	2.6	注意	jake olefsky	-	Fotopholder の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4259	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240512	4	警告	john hanna	-	ASSP の get 機能における絶対パストラバーサルの脆弱性	-	CVE-2006-4258	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240513	4	警告	IBM	-	IBM DB2 UDB におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2006-4257	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240514	4.3	警告	Horde	-	Horde Application Framework における他のサイトから Web ページをインクルードされる脆弱性	-	CVE-2006-4256	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240515	4.3	警告	Horde	-	Horde IMP H3 の horde/imp/search.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4255	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240516	5.1	警告	Joomla!	-	Joomla または Mambo 用の JIM コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4242	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240517	7.5	危険	mamboxchange	-	Reporter Mambo コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4241	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240518	7.5	危険	outreach project tool	-	OPT Max の include/urights.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4239	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240519	7.5	危険	invisionix systems	-	IRSR の pageheaderdefault.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4237	2012-09-25 15:35	2006-08-21	Show	GitHub Exploit DB Packet Storm

240520	2.6	注意	Irfan Skiljan	-	プラグインを持つ IrfanView におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4231	2012-09-25 15:35	2006-08-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267101	9.8	CRITICAL Network	apache	struts	XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.	CWE-20 Improper Input Validation	CVE-2016-3082	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

267102	8.1	HIGH Network	apache oracle	struts siebel_e-billing	Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to …	CWE-77 Command Injection	CVE-2016-3081	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

267103	9.8	CRITICAL Network	libgd debian fedoraproject canonical opensuse php	libgd debian_linux fedora ubuntu_linux opensuse php	Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed g…	CWE-681 Incorrect Conversion between Numeric Types	CVE-2016-3074	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

267104	6.1	MEDIUM Network	blackberry	enterprise_server	Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted …	CWE-79 Cross-site Scripting	CVE-2016-3126	2024-11-21 11:49	2016-04-23	Show	GitHub Exploit DB Packet Storm

267105	4.6	MEDIUM Physics	lexmark	printer_firmware	Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows ph…	CWE-200 Information Exposure	CVE-2016-3145	2024-11-21 11:49	2016-04-22	Show	GitHub Exploit DB Packet Storm

267106	7.5	HIGH Network	opensuse cairographics	opensuse cairo	The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a neg…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-3190	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267107	6.4	MEDIUM Network	oracle	agile_product_lifecycle_management_framework	Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in…	NVD-CWE-noinfo	CVE-2016-3431	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267108	4.5	MEDIUM Physics	oracle	retail_xstore_point_of_service	Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentia…	NVD-CWE-noinfo	CVE-2016-3429	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267109	3.1	LOW Adjacent	oracle	agile_engineering_data_management	Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vector…	NVD-CWE-noinfo	CVE-2016-3428	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267110	3.1	LOW Network	oracle	jdk jre	Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.	NVD-CWE-noinfo	CVE-2016-3426	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm