Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240551	5.1	警告	imendio planner	-	Imendio Planner におけるフォーマットストリングの脆弱性	-	CVE-2006-4070	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240552	4.3	警告	ozjournals	-	Elaine Aquino OZJournals におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4069	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240553	2.6	注意	マイクロソフト	-	Microsoft Windows XP SP2 の gdiplus.dll におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4066	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240554	7.5	危険	mitch murray	-	Mitch Murray Eremove の gui.cpp におけるバッファオーバーフローの脆弱性	-	CVE-2006-4057	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240555	7.5	危険	netious cms	-	Netious CMS における管理セクションへのアクセス権を取得される脆弱性	-	CVE-2006-4048	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240556	7.5	危険	netious cms	-	Netious CMS の index.php における SQL インジェクションの脆弱性	-	CVE-2006-4047	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240557	7.5	危険	open cubic player	-	Open Cubic Player におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-4046	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240558	5	警告	mywebland	-	myWebland myBloggie の index.php における重要な情報を取得される脆弱性	-	CVE-2006-4043	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240559	7.5	危険	mywebland	-	myWebland myBloggie の trackback.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-4042	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

240560	7.5	危険	mywebland	-	myWebland myEvent の myevent.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4040	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267101	9.8	CRITICAL Network	apache	struts	XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.	CWE-20 Improper Input Validation	CVE-2016-3082	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

267102	8.1	HIGH Network	apache oracle	struts siebel_e-billing	Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to …	CWE-77 Command Injection	CVE-2016-3081	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

267103	9.8	CRITICAL Network	libgd debian fedoraproject canonical opensuse php	libgd debian_linux fedora ubuntu_linux opensuse php	Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed g…	CWE-681 Incorrect Conversion between Numeric Types	CVE-2016-3074	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

267104	6.1	MEDIUM Network	blackberry	enterprise_server	Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted …	CWE-79 Cross-site Scripting	CVE-2016-3126	2024-11-21 11:49	2016-04-23	Show	GitHub Exploit DB Packet Storm

267105	4.6	MEDIUM Physics	lexmark	printer_firmware	Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows ph…	CWE-200 Information Exposure	CVE-2016-3145	2024-11-21 11:49	2016-04-22	Show	GitHub Exploit DB Packet Storm

267106	7.5	HIGH Network	opensuse cairographics	opensuse cairo	The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a neg…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-3190	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267107	6.4	MEDIUM Network	oracle	agile_product_lifecycle_management_framework	Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in…	NVD-CWE-noinfo	CVE-2016-3431	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267108	4.5	MEDIUM Physics	oracle	retail_xstore_point_of_service	Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentia…	NVD-CWE-noinfo	CVE-2016-3429	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267109	3.1	LOW Adjacent	oracle	agile_engineering_data_management	Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vector…	NVD-CWE-noinfo	CVE-2016-3428	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

267110	3.1	LOW Network	oracle	jdk jre	Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.	NVD-CWE-noinfo	CVE-2016-3426	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm