Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240511 2.6 注意 jake olefsky - Fotopholder の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4259 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240512 4 警告 john hanna - ASSP の get 機能における絶対パストラバーサルの脆弱性 - CVE-2006-4258 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240513 4 警告 IBM - IBM DB2 UDB におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2006-4257 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240514 4.3 警告 Horde - Horde Application Framework における他のサイトから Web ページをインクルードされる脆弱性 - CVE-2006-4256 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240515 4.3 警告 Horde - Horde IMP H3 の horde/imp/search.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4255 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240516 5.1 警告 Joomla! - Joomla または Mambo 用の JIM コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4242 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240517 7.5 危険 mamboxchange - Reporter Mambo コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4241 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240518 7.5 危険 outreach project tool - OPT Max の include/urights.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4239 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240519 7.5 危険 invisionix systems - IRSR の pageheaderdefault.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4237 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
240520 2.6 注意 Irfan Skiljan - プラグインを持つ IrfanView におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4231 2012-09-25 15:35 2006-08-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268441 8.8 HIGH
Network 		google chrome The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript co… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-1632 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268442 8.8 HIGH
Network 		google chrome The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loop… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-1631 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268443 8.8 HIGH
Network 		google chrome The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-1630 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268444 8.8 HIGH
Network 		cisco prime_infrastructure Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a log file, aka Bug ID CSCuw81494. CWE-20
 Improper Input Validation  		CVE-2016-1359 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268445 6.4 MEDIUM
Network 		cisco prime_infrastructure Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-1358 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268446 5.3 MEDIUM
Network 		cisco cisco_policy_suite The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions an… CWE-200
Information Exposure 		CVE-2016-1357 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268447 3.7 LOW
Network 		cisco firesight_system_software Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing dif… CWE-287
CWE-255
Improper Authentication
Credentials Management 		CVE-2016-1356 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268448 5.3 MEDIUM
Network 		cisco web_security_appliance The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by lev… CWE-20
 Improper Input Validation  		CVE-2016-1288 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268449 6.1 MEDIUM
Network 		cisco firesight_system_software Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in Cisco FireSIGHT System Software 6.1.0 allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2016-1355 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268450 6.1 MEDIUM
Network 		cisco unified_communications_domain_manager Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data,… CWE-79
Cross-site Scripting 		CVE-2016-1354 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm