Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
244571 5.8 警告 mkportal - MKPortal の urlobox におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2006-6741 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244572 7.5 危険 paristemi - Paristemi の buycd.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-6739 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244573 5 警告 obie website - Minh Nguyen Duong Obie Website Mini Web Shop における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2006-6735 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244574 4.3 警告 obie website - Minh Nguyen Duong Obie Website Mini Web Shop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2006-6734 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244575 4.3 警告 osTicket - Support Cards 1 (osTicket) の support/view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2006-6733 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244576 6.6 警告 OpenBSD
NetBSD
- OpenBSD などにおけるセキュリティレベルを落とされる脆弱性 - CVE-2006-6730 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244577 6.4 警告 Qualia Digital Solutions - LAN Messenger の info リクエストメカニズムにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6728 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244578 7.5 危険 inertianews - inertianews の inertianews_class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-6727 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244579 7.5 危険 inertianews - inertianews の inertianews_main.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-6726 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
244580 7.8 危険 マイクロソフト - Microsoft Windows 2000 SP4 などの Workstation サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2006-6723 2012-09-25 15:36 2006-12-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253101 7.0 HIGH
Local
phusion
debian
passenger
debian_linux
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently st… CWE-362
Race Condition
CVE-2018-12029 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
253102 7.8 HIGH
Local
phusion passenger An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrar… CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2018-12028 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
253103 8.8 HIGH
Network
phusion passenger An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process th… CWE-200
CWE-732
Information Exposure
 Incorrect Permission Assignment for Critical Resource
CVE-2018-12027 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
253104 9.8 CRITICAL
Network
phusion passenger During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning comm… CWE-59
Link Following
CVE-2018-12026 2024-11-21 12:44 2018-06-18 Show GitHub Exploit DB Packet Storm
253105 8.4 HIGH
Local
redislabs redis Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is uncle… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-12326 2024-11-21 12:44 2018-06-17 Show GitHub Exploit DB Packet Storm
253106 7.8 HIGH
Local
virustotal yara In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. CWE-787
 Out-of-bounds Write
CVE-2018-12035 2024-11-21 12:44 2018-06-16 Show GitHub Exploit DB Packet Storm
253107 7.8 HIGH
Local
virustotal yara In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c. CWE-125
Out-of-bounds Read
CVE-2018-12034 2024-11-21 12:44 2018-06-16 Show GitHub Exploit DB Packet Storm
253108 5.4 MEDIUM
Network
chevereto chevereto Chevereto Free before 1.0.13 has XSS. CWE-79
Cross-site Scripting
CVE-2018-12030 2024-11-21 12:44 2018-06-16 Show GitHub Exploit DB Packet Storm
253109 8.8 HIGH
Network
maccms maccms Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts. CWE-352
 Origin Validation Error
CVE-2018-12114 2024-11-21 12:44 2018-06-15 Show GitHub Exploit DB Packet Storm
253110 6.4 MEDIUM
Physics
dropbox dropbox An issue was discovered in the com.getdropbox.Dropbox app 100.2 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boolean… CWE-287
Improper Authentication
CVE-2018-12271 2024-11-21 12:44 2018-06-14 Show GitHub Exploit DB Packet Storm