Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
245241 5.1 警告 phlymail - PHlyMail Lite の handlers/email/mod.listmail.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4291 2012-09-25 15:35 2006-08-22 Show GitHub Exploit DB Packet Storm
245242 6.8 警告 Mambo Foundation - Mambo の a6mambocredits コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-4288 2012-09-25 15:35 2006-08-22 Show GitHub Exploit DB Packet Storm
245243 7.5 危険 nes game - NES Game などの製品における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4287 2012-09-25 15:35 2006-08-22 Show GitHub Exploit DB Packet Storm
245244 7.5 危険 lblog - LBlog の comments.asp における SQL インジェクションの脆弱性 - CVE-2006-4284 2012-09-25 15:35 2006-08-22 Show GitHub Exploit DB Packet Storm
245245 7.5 危険 mamboxchange - Mambo 用の mambowiki コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4282 2012-09-25 15:35 2006-08-22 Show GitHub Exploit DB Packet Storm
245246 7.5 危険 Mambo Foundation - Mambo の catalogshop コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4275 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
245247 6.8 警告 vBulletin Solutions, Inc. - Jelsoft vBulletin におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4273 2012-09-25 15:35 2006-08-3 Show GitHub Exploit DB Packet Storm
245248 6.8 警告 Mambo Foundation - Mambo 用の mambelfish コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-4270 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
245249 5 警告 カスペルスキー - Kaspersky Anti-Hacker における ICMP へのレスポンスを取得される脆弱性 - CVE-2006-4265 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
245250 5 警告 jake olefsky - Fotopholder の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4260 2012-09-25 15:35 2006-08-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252561 6.1 MEDIUM
Network
german_spelling_dictionary_project german_spelling_dictionary A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). Instead of providing text for a spelling check, remote attackers may in… CWE-79
Cross-site Scripting
CVE-2018-12587 2024-11-21 12:45 2018-08-14 Show GitHub Exploit DB Packet Storm
252562 7.5 HIGH
Network
tibco activematrix_businessworks
activematrix_businessworks_distribution_for_tibco_silver_fabric
The BusinessWorks engine component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks, TIBCO ActiveMatrix BusinessWorks for z/Linux, and TIBCO ActiveMatrix BusinessWorks Distribution for TIBCO… CWE-611
XXE
CVE-2018-12408 2024-11-21 12:45 2018-08-8 Show GitHub Exploit DB Packet Storm
252563 8.8 HIGH
Network
ocsinventory-ng ocsinventory_ng OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string … CWE-78
OS Command 
CVE-2018-12483 2024-11-21 12:45 2018-08-4 Show GitHub Exploit DB Packet Storm
252564 8.8 HIGH
Network
ocsinventory-ng ocsinventory_ng OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues. CWE-89
SQL Injection
CVE-2018-12482 2024-11-21 12:45 2018-08-4 Show GitHub Exploit DB Packet Storm
252565 5.4 MEDIUM
Network
gitlab gitlab An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The charts feature contained a persistent XSS issue due to a la… CWE-79
Cross-site Scripting
CVE-2018-12607 2024-11-21 12:45 2018-08-4 Show GitHub Exploit DB Packet Storm
252566 5.4 MEDIUM
Network
gitlab gitlab An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The wiki contains a persistent XSS issue due to a lack of outpu… CWE-79
Cross-site Scripting
CVE-2018-12606 2024-11-21 12:45 2018-08-4 Show GitHub Exploit DB Packet Storm
252567 5.4 MEDIUM
Network
gitlab gitlab An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter. CWE-79
Cross-site Scripting
CVE-2018-12605 2024-11-21 12:45 2018-08-4 Show GitHub Exploit DB Packet Storm
252568 5.3 MEDIUM
Network
navercorp whale Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious we… CWE-20
 Improper Input Validation 
CVE-2018-12448 2024-11-21 12:45 2018-08-2 Show GitHub Exploit DB Packet Storm
252569 7.2 HIGH
Network
microfocus groupwise A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on th… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2018-12468 2024-11-21 12:45 2018-08-2 Show GitHub Exploit DB Packet Storm
252570 6.5 MEDIUM
Network
opensuse open_build_service Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-… CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2018-12467 2024-11-21 12:45 2018-08-2 Show GitHub Exploit DB Packet Storm