Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241001 2.6 注意 Irfan Skiljan - IrfanView におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4374 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
241002 2.6 注意 integramod - IntegraMOD Portal の includes/functions_portal.php における絶対パストラバーサルの脆弱性 - CVE-2006-4369 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
241003 7.5 危険 integramod - IntegraMOD Portal における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4368 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
241004 2.1 注意 MySQL AB - MySQL におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4380 2012-09-25 15:35 2005-06-17 Show GitHub Exploit DB Packet Storm
241005 7.5 危険 phome empire - Phome Empire CMS の e/class/CheckLevel.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4354 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
241006 6.8 警告 OneOrZero - OneOrZero の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4351 2012-09-25 15:35 2006-08-24 Show GitHub Exploit DB Packet Storm
241007 7.5 危険 OneOrZero - OneOrZero の index.php における SQL インジェクションの脆弱性 - CVE-2006-4350 2012-09-25 15:35 2006-08-24 Show GitHub Exploit DB Packet Storm
241008 7.5 危険 kochsuite component - Mambo の kochsuite コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4348 2012-09-25 15:35 2006-08-24 Show GitHub Exploit DB Packet Storm
241009 7.5 危険 jiran - Cool Manager の Cool_CoolD.exe における SQL インジェクションの脆弱性 - CVE-2006-4347 2012-09-25 15:35 2006-08-24 Show GitHub Exploit DB Packet Storm
241010 7.5 危険 ジャストシステム - ジャストシステムの一太郎などの製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2006-4326 2012-09-25 15:35 2006-08-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285091 - openstack
canonical 		keystone
ubuntu_linux 		The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID v2 tokens, which allows remote authenticated users to bypass the tok… CWE-255
Credentials Management 		CVE-2014-5252 2024-11-21 11:11 2014-08-25 Show GitHub Exploit DB Packet Storm
285092 - openstack
canonical 		keystone
ubuntu_linux 		The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for to… CWE-255
Credentials Management 		CVE-2014-5251 2024-11-21 11:11 2014-08-25 Show GitHub Exploit DB Packet Storm
285093 - php php gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via … CWE-20
 Improper Input Validation  		CVE-2014-5120 2024-11-21 11:11 2014-08-23 Show GitHub Exploit DB Packet Storm
285094 - mediawiki mediawiki MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attacke… CWE-20
 Improper Input Validation  		CVE-2014-5243 2024-11-21 11:11 2014-08-23 Show GitHub Exploit DB Packet Storm
285095 - mediawiki mediawiki Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2014-5242 2024-11-21 11:11 2014-08-23 Show GitHub Exploit DB Packet Storm
285096 - mediawiki mediawiki The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 accepts certain long callback values and does not restr… CWE-352
 Origin Validation Error 		CVE-2014-5241 2024-11-21 11:11 2014-08-23 Show GitHub Exploit DB Packet Storm
285097 - schrack technik_microcontrol_firmware
technik_microcontrol 		The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access … NVD-CWE-Other
CVE-2014-5396 2024-11-21 11:11 2014-08-22 Show GitHub Exploit DB Packet Storm
285098 - wp_content_source_control_project wp_content_source_control Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows re… CWE-22
Path Traversal 		CVE-2014-5368 2024-11-21 11:11 2014-08-22 Show GitHub Exploit DB Packet Storm
285099 - check_mk_project check_mk Multiple cross-site scripting (XSS) vulnerabilities in the multisite component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or H… CWE-79
Cross-site Scripting 		CVE-2014-5338 2024-11-21 11:11 2014-08-22 Show GitHub Exploit DB Packet Storm
285100 - cacti cacti SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2014-5262 2024-11-21 11:11 2014-08-22 Show GitHub Exploit DB Packet Storm