Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240651	2.1	注意	pam extern	-	PAM_extern におけるパスワードを取得される脆弱性	-	CVE-2006-5659	2012-09-25 15:36	2006-11-2	Show	GitHub Exploit DB Packet Storm

240652	7.5	危険	Free Document Management Software	-	OpenDocMan の index.php における SQL インジェクションの脆弱性	-	CVE-2006-5655	2012-09-25 15:36	2006-11-2	Show	GitHub Exploit DB Packet Storm

240653	10	危険	nmnlogger	-	NmnLogger における脆弱性	-	CVE-2006-5642	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

240654	7.5	危険	openwbem	-	Web Based Enterprise Management の乱数のジェネレータにおける権限を取得される脆弱性	-	CVE-2006-5639	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

240655	5	警告	Mozilla Foundation	-	Firefox などにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5633	2012-09-25 15:36	2006-10-30	Show	GitHub Exploit DB Packet Storm

240656	6.8	警告	ig shop	-	iG Shop の change_pass.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5632	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

240657	6.8	警告	ig shop	-	iG Shop の change_pass.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5631	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

240658	7.5	危険	hosting controller	-	Hosting Controller におけるサイトの仮想ディレクトリを削除される脆弱性	-	CVE-2006-5630	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

240659	7.5	危険	hosting controller	-	Hosting Controller における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-5629	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

240660	5.1	警告	nx	-	N/X 2002 Professional Edition WCMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5625	2012-09-25 15:36	2006-10-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266301	9.8	CRITICAL Network	dlink	dir-823_firmware dir-822_firmware dir-818l\(w\)_firmware dir-895l_firmware dir-890l_firmware dir-885l_firmware dir-880l_firmware dir-868l_firmware dir-850l_firmware	Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6563	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266302	9.8	CRITICAL Network	freebsd	freebsd	Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depend…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6559	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266303	9.8	CRITICAL Network	asus	rp-ac52_firmware ea-n66_firmware rp-n12_firmware rp-n14_firmware rp-n53_firmware rp-ac56_firmware wmp-n12_firmware	A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The …	CWE-77 Command Injection	CVE-2016-6558	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266304	8.8	HIGH Network	asus	rp-ac52_firmware ea-n66_firmware rp-n12_firmware rp-n14_firmware rp-n53_firmware rp-ac56_firmware wmp-n12_firmware	In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided…	CWE-352 Origin Validation Error	CVE-2016-6557	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266305	8.8	HIGH Adjacent	thetrackr	trackr_bravo_firmware	TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Andro…	CWE-287 Improper Authentication	CVE-2016-6541	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266306	6.5	MEDIUM Adjacent	thetrackr	trackr_bravo_firmware	Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered a…	CWE-200 Information Exposure	CVE-2016-6540	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266307	8.8	HIGH Adjacent	thetrackr	trackr_bravo_firmware	The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been r…	CWE-255 CWE-200 Credentials Management Information Exposure	CVE-2016-6538	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266308	3.5	LOW Adjacent	thetrackr	trackr_firmware	The Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC address in reverse. The MAC address can be obtained by being in close proximity to the Bluetoot…	CWE-200 Information Exposure	CVE-2016-6539	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266309	9.6	CRITICAL Network	cloudfoundry pivotal_software	cf-release cloud_foundry_elastic_runtime	Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a cr…	CWE-200 Information Exposure	CVE-2016-6658	2024-11-21 11:56	2018-03-30	Show	GitHub Exploit DB Packet Storm

266310	9.8	CRITICAL Network	apache	cloudstack	Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious user is able to determine the ID of another (non-"root") Cl…	NVD-CWE-noinfo	CVE-2016-6813	2024-11-21 11:56	2018-02-6	Show	GitHub Exploit DB Packet Storm