Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242751	7.5	危険	der dirigent	-	DeDi における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5507	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

242752	7.5	危険	ben3w	-	2BGal における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5505	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

242753	7.5	危険	AOL	-	AOL Security Edition の YGPPicDownload.dll におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2006-5502	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

242754	7.5	危険	AOL	-	AOL Security Edition の YGPPicDownload.dll におけるバッファオーバーフローの脆弱性	-	CVE-2006-5501	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

242755	7.5	危険	digitalhive	-	DigitalHive の template/purpletech/base_include.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5493	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

242756	7.5	危険	ceary	-	UltraCMS の include/index.php における SQL インジェクションの脆弱性	-	CVE-2006-5491	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

242757	2.1	注意	FreeBSD	-	FreeBSD の p1003_1b.c における不特定のサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5483	2012-06-26 15:37	2006-05-20	Show	GitHub Exploit DB Packet Storm

242758	2.1	注意	FreeBSD	-	FreeBSD の ufs_vnops.c におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5482	2012-06-26 15:37	2006-05-31	Show	GitHub Exploit DB Packet Storm

242759	7.5	危険	Castor Project	-	2le.net Castor PHP Web Builder における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5481	2012-06-26 15:37	2006-10-24	Show	GitHub Exploit DB Packet Storm

242760	5.1	警告	Castor Project	-	2le.net Castor PHP Web Builder の lib/rs.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5480	2012-06-26 15:37	2006-10-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
288351	-	bea	weblogic_server	Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and WebLogic Express 9.0, 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier allow remote attackers to inject…	NVD-CWE-Other	CVE-2005-4751	2018-09-28 06:39	2005-12-31	Show	GitHub Exploit DB Packet Storm

288352	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, might allow local users to gain privileges by using the run-as deployment descriptor element to change the privi…	NVD-CWE-Other	CVE-2005-4752	2018-09-28 06:39	2005-12-31	Show	GitHub Exploit DB Packet Storm

288353	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain "heavy usage" scenarios, report incorrect severity levels for an audit event, which might allow attac…	NVD-CWE-Other	CVE-2005-4753	2018-09-28 06:39	2005-12-31	Show	GitHub Exploit DB Packet Storm

288354	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensitive information (intranet IP addresses) via unknown attack vectors involving "network address trans…	NVD-CWE-Other	CVE-2005-4754	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

288355	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with …	NVD-CWE-Other	CVE-2005-4755	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

288356	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to ga…	NVD-CWE-Other	CVE-2005-4756	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

288357	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass…	NVD-CWE-Other	CVE-2005-4757	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

288358	-	bea	weblogic_server	Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown atta…	NVD-CWE-Other	CVE-2005-4758	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

288359	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failur…	NVD-CWE-Other	CVE-2005-4760	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

288360	-	ez	ez_publish	The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2005-4852	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm