Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251681	7.5	危険	W-Agora	-	W-Agora の search.php3 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4867	2012-02-9 11:10	2011-10-5	Show	GitHub Exploit DB Packet Storm

251682	7.5	危険	Chipmunk Scripts	-	Chipmunk Board の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4866	2012-02-9 11:09	2011-10-5	Show	GitHub Exploit DB Packet Storm

251683	7.5	危険	Jextensions	-	Joomla! 用 JE Guestbook (com_jeguestbook) コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4865	2012-02-9 11:08	2011-10-5	Show	GitHub Exploit DB Packet Storm

251684	7.5	危険	Daniel James Scott	-	Joomla! 用 Club Manager (com_clubmanager) コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4864	2012-02-9 11:08	2011-10-5	Show	GitHub Exploit DB Packet Storm

251685	4.3	警告	The GetSimple Team	-	GetSimple CMS の admin/changedata.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4863	2012-02-9 11:07	2011-10-5	Show	GitHub Exploit DB Packet Storm

251686	7.5	危険	Joomla! Jextensions	-	Joomla! 用 JExtensions JE Director コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4862	2012-02-9 11:07	2011-10-5	Show	GitHub Exploit DB Packet Storm

251687	7.5	危険	webSPELL	-	webSPELL の asearch.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4861	2012-02-9 11:06	2011-10-5	Show	GitHub Exploit DB Packet Storm

251688	7.5	危険	Galaxyscriptz	-	MyPhpAuction の product_desc.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4860	2012-02-9 11:05	2011-10-5	Show	GitHub Exploit DB Packet Storm

251689	7.5	危険	WebAsyst	-	WebAsyst Shop-Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4859	2012-02-9 11:05	2011-10-5	Show	GitHub Exploit DB Packet Storm

251690	5	警告	Joerg Risse	-	DNET Live-Stats の team.rc5-72.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4858	2012-02-9 11:04	2011-10-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258281	9.8	CRITICAL Network	rarlab	unrar	libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.	CWE-125 Out-of-bounds Read	CVE-2017-12940	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258282	9.8	CRITICAL Network	unity3d	unity_editor	A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before…	CWE-20 Improper Input Validation	CVE-2017-12939	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258283	7.5	HIGH Network	rarlab	unrar	UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.	CWE-22 Path Traversal	CVE-2017-12938	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258284	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.	CWE-125 Out-of-bounds Read	CVE-2017-12937	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258285	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.	CWE-416 Use After Free	CVE-2017-12936	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258286	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.	CWE-125 Out-of-bounds Read	CVE-2017-12935	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258287	7.5	HIGH Network	php	php	ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/…	CWE-416 Use After Free	CVE-2017-12934	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258288	9.8	CRITICAL Network	php	php	The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data…	CWE-125 Out-of-bounds Read	CVE-2017-12933	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258289	9.8	CRITICAL Network	php	php	ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for …	CWE-416 Use After Free	CVE-2017-12932	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm

258290	6.1	MEDIUM Network	cacti	cacti	A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php.	CWE-79 Cross-site Scripting	CVE-2017-12927	2024-11-21 12:10	2017-08-18	Show	GitHub Exploit DB Packet Storm