Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240831	7.5	危険	john andersson	-	ZIXForum の ReplyNew.asp における SQL インジェクションの脆弱性	-	CVE-2006-4612	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240832	6.8	警告	longino	-	Longino Jacome php-Revista におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4608	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240833	7.5	危険	longino	-	Longino Jacome php-Revista の admin/index.php における認証コントロールを回避される脆弱性	-	CVE-2006-4607	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240834	7.5	危険	longino	-	Longino Jacome php-Revista における SQL インジェクションの脆弱性	-	CVE-2006-4606	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240835	7.5	危険	longino	-	Longino Jacome php-Revista の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4605	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240836	7.5	危険	lanifex	-	Lanifex DMO の LFXlib/access_manager.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4604	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240837	7.5	危険	NCH Software	-	NCH Swift Sound Web Dictate における認証を回避される脆弱性	-	CVE-2006-4603	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240838	7.5	危険	icblogger	-	ICBlogger の devam.asp における SQL インジェクションの脆弱性	-	CVE-2006-4597	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240839	5.1	警告	mybace light	-	MyBace Light Skrip における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4596	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240840	5	警告	muforum	-	muforum におけるユーザ名など重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2006-4595	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266311	9.8	CRITICAL Network	sap	trex	Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.	CWE-22 Path Traversal	CVE-2016-6138	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

266312	6.2	MEDIUM Local	xen citrix	xen xenserver	Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial …	CWE-20 Improper Input Validation	CVE-2016-6259	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

266313	8.8	HIGH Local	xen citrix	xen xenserver	The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.	CWE-284 Improper Access Control	CVE-2016-6258	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

266314	7.5	HIGH Network	canonical kde	ubuntu_linux karchives	Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, r…	CWE-22 Path Traversal	CVE-2016-6232	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

266315	7.8	HIGH Local	huawei	p8_smartphone_firmware	Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted applica…	CWE-264 NVD-CWE-noinfo Permissions, Privileges, and Access Controls	CVE-2016-6193	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

266316	7.3	HIGH Local	huawei	p8_smartphone_firmware	Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted applica…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-6192	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

266317	9.8	CRITICAL Network	huawei	ne5000e_firmware cloudengine_12800_firmware ptn_6900-2-m8_firmware cx600_firmware ne40e_firmware	Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine dev…	CWE-20 Improper Input Validation	CVE-2016-6178	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

266318	6.5	MEDIUM Adjacent	amazonbasics dell logitech lenovo	firmware km714_firmware km632_firmware unifying_firmware ultraslim_firmware	The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementin…	CWE-310 Cryptographic Issues	CVE-2016-6257	2024-11-21 11:55	2016-08-2	Show	GitHub Exploit DB Packet Storm

266319	7.8	HIGH Local	perl fedoraproject debian oracle canonical	perl fedora debian_linux solaris ubuntu_linux	The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under…	NVD-CWE-noinfo	CVE-2016-6185	2024-11-21 11:55	2016-08-2	Show	GitHub Exploit DB Packet Storm

266320	8.8	HIGH Network	ca broadcom	ehealth	CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.	NVD-CWE-noinfo	CVE-2016-6152	2024-11-21 11:55	2016-07-26	Show	GitHub Exploit DB Packet Storm