Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
244991 2.1 注意 Invision Power Services, Inc - IPB の action_admin/member.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5204 2012-09-25 15:36 2006-10-5 Show GitHub Exploit DB Packet Storm
244992 5.1 警告 Invision Power Services, Inc - IPB における SQL コマンドを実行される脆弱性 - CVE-2006-5203 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244993 5 警告 シスコシステムズ (Linksys) - Linksys WRT54g における任意の設定を変更される脆弱性 - CVE-2006-5202 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244994 5 警告 pdshoppro - PDshopPro におけるデータベースをダウンロードされる脆弱性 - CVE-2006-5197 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244995 7.8 危険 Motorola Solutions, Inc - Motorola SURFboard SB4200 Cable Modem におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5196 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244996 4.3 警告 net2ftp - net2ftp の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5194 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244997 4.3 警告 osCommerce - osCommerce Milestone におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5190 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244998 7.5 危険 klinza - klinza professional cms における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5189 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
244999 7.5 危険 hamweather - HAMweather の Template.php における任意のコードを実行される脆弱性 - CVE-2006-5185 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
245000 7.5 危険 joshua muheim - Joshua Muheim phpMyWebmin における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5181 2012-09-25 15:36 2006-10-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252761 6.1 MEDIUM
Network
javamelody_project javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. CWE-79
Cross-site Scripting
CVE-2018-12432 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252762 4.8 MEDIUM
Network
seacms seacms SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). CWE-79
Cross-site Scripting
CVE-2018-12431 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252763 9.8 CRITICAL
Network
simple_password_store_project simple_password_store An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, … CWE-347
 Improper Verification of Cryptographic Signature
CVE-2018-12356 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252764 7.5 HIGH
Network
matrix synapse In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force. NVD-CWE-noinfo
CVE-2018-12423 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252765 7.5 HIGH
Network
icehrm icehrm IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm
CVE-2018-12420 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252766 9.8 CRITICAL
Network
ltb-project ldap_tool_box_self_service_password LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishan… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password
CVE-2018-12421 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252767 5.5 MEDIUM
Local
junrar_project junrar Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-12418 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252768 6.1 MEDIUM
Network
eng knowage Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description field to the "Olap Schemas' Catalogue" catalogue. CWE-79
Cross-site Scripting
CVE-2018-12355 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm
252769 8.8 HIGH
Network
knowage-suite knowage Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request. CWE-352
 Origin Validation Error
CVE-2018-12354 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm
252770 6.1 MEDIUM
Network
knowage-suite knowage Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name field to the "Business Model's Catalogue" catalogue. CWE-79
Cross-site Scripting
CVE-2018-12353 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm