Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240581	6.8	警告	pensacola web designs	-	Xtreme ASP Photo Gallery におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6936	2012-09-25 15:36	2007-01-16	Show	GitHub Exploit DB Packet Storm

240582	7.5	危険	image gallery with access database	-	Access Database を持つ Image Gallery における SQL インジェクションの脆弱性	-	CVE-2006-6932	2012-09-25 15:36	2007-01-16	Show	GitHub Exploit DB Packet Storm

240583	5	警告	Mozilla Foundation	-	Mozilla Firefox におけるフィッシングの保護メカニズムを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2006-6971	2012-09-25 15:36	2006-10-11	Show	GitHub Exploit DB Packet Storm

240584	10	危険	karl dahlke	-	Karl Dahlke Edbrowse の http.c におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6909	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

240585	10	危険	マイクロソフト	-	Microsoft Windows Mobile Pocket PC edition の Bluetooth スタックにおける管理者のアクセス権限を取得される脆弱性	-	CVE-2006-6902	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

240586	4.3	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2006-6955	2012-09-25 15:36	2004-04-6	Show	GitHub Exploit DB Packet Storm

240587	10	危険	マイクロソフト	-	Microsoft Windows の Bluetooth スタックにおける管理者のアクセス権限を取得される脆弱性	-	CVE-2006-6901	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

240588	6.8	警告	jonathon freeman	-	Jonathon J. Freeman OvBB の online.php の GetLocation 関数におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6892	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

240589	6.8	警告	logahead	-	logahead UNU における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2006-6887	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

240590	4.3	警告	macromedia	-	Macromedia Shockwave の SwDir.dll におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6885	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
269151	8.8	HIGH Network	kallithea-scm	kallithea	Routes in Kallithea before 0.3.2 allows remote attackers to bypass the CSRF protection by using the GET HTTP request method.	CWE-352 Origin Validation Error	CVE-2016-3691	2024-11-21 11:50	2017-04-25	Show	GitHub Exploit DB Packet Storm

269152	5.3	MEDIUM Network	redhat	cloudforms_management_engine	Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information.	CWE-200 Information Exposure	CVE-2016-3702	2024-11-21 11:50	2017-04-22	Show	GitHub Exploit DB Packet Storm

269153	8.8	HIGH Network	moodle	moodle	Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack t…	CWE-352 Origin Validation Error	CVE-2016-3734	2024-11-21 11:50	2017-04-21	Show	GitHub Exploit DB Packet Storm

269154	4.3	MEDIUM Network	moodle	moodle	The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber.	CWE-284 Improper Access Control	CVE-2016-3733	2024-11-21 11:50	2017-04-21	Show	GitHub Exploit DB Packet Storm

269155	4.3	MEDIUM Network	moodle	moodle	The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of…	CWE-200 Information Exposure	CVE-2016-3732	2024-11-21 11:50	2017-04-21	Show	GitHub Exploit DB Packet Storm

269156	5.3	MEDIUM Network	moodle	moodle	Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions.	CWE-200 Information Exposure	CVE-2016-3731	2024-11-21 11:50	2017-04-21	Show	GitHub Exploit DB Packet Storm

269157	6.5	MEDIUM Network	moodle	moodle	The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the admini…	CWE-284 Improper Access Control	CVE-2016-3729	2024-11-21 11:50	2017-04-21	Show	GitHub Exploit DB Packet Storm

269158	7.8	HIGH Local	foxitsoftware	foxit_reader	Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value i…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-3740	2024-11-21 11:50	2017-04-5	Show	GitHub Exploit DB Packet Storm

269159	9.8	CRITICAL Network	modified	ecommerce_shopsoftware	Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands vi…	CWE-89 SQL Injection	CVE-2016-3694	2024-11-21 11:50	2017-02-16	Show	GitHub Exploit DB Packet Storm

269160	8.8	HIGH Network	libjpeg-turbo redhat debian canonical	libjpeg-turbo enterprise_linux debian_linux ubuntu_linux	The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.	CWE-476 NULL Pointer Dereference	CVE-2016-3616	2024-11-21 11:50	2017-02-14	Show	GitHub Exploit DB Packet Storm