Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5151	8.8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-35439	2026-05-15 11:02	2026-05-12	Show	GitHub Exploit DB Packet Storm

5152	5.9	警告 Network	IBM	IBM WebSphere Application Server	IBMのIBM WebSphere Application Serverにおける権限管理に関する脆弱性	CWE-269 CWE-noinfo	CVE-2026-3621	2026-05-15 11:02	2026-04-23	Show	GitHub Exploit DB Packet Storm

5153	5.9	警告 Local	The Go Project	Go	The Go ProjectのGoにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-39817	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5154	5.3	警告 Local	The Go Project	Go	The Go ProjectのGoにおけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2026-39819	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5155	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-39820	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5156	6.1	警告 Network	The Go Project	Go	The Go ProjectのGoにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-39823	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5157	5.3	警告 Network	The Go Project	Go	The Go ProjectのGoにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-39825	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5158	6.1	警告 Network	The Go Project	Go	The Go ProjectのGoにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-39826	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5159	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-39836	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

5160	4.3	警告 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-39869	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345641	-	longino	jacome_php-revista	PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter.	NVD-CWE-Other	CVE-2006-4605	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345642	-	longino	jacome_php-revista	Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) id_temas parameter in busqueda_tema.php, the (2) cadena…	NVD-CWE-Other	CVE-2006-4606	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345643	-	longino	jacome_php-revista	admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1.	NVD-CWE-Other	CVE-2006-4607	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345644	-	longino	jacome_php-revista	Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and …	NVD-CWE-Other	CVE-2006-4608	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345645	-	graphiks	grapagenda	PHP remote file inclusion vulnerability in index.php in GrapAgenda 0.11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the page parameter.	NVD-CWE-Other	CVE-2006-4610	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345646	-	dsocks	dsocks	Buffer overflow in the _tor_resolve function in dsocks.c in dsocks before 1.4 allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long node name.	NVD-CWE-Other	CVE-2006-4611	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345647	-	dsocks	dsocks	This vulnerability is addressed in the following product release: Dsocks, Dsocks, 1.4	NVD-CWE-Other	CVE-2006-4611	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345648	-	john_andersson	zixforum	SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows remote attackers to execute arbitrary SQL commands via the RepId parameter.	NVD-CWE-Other	CVE-2006-4612	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345649	-	pocket_pc	pocket_pc	PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT…	NVD-CWE-Other	CVE-2006-4614	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm

345650	-	shape_services	im\+_mobile_instant_messenger	Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores usernames and passwords in plaintext in %PROGRAMFILES%\IMPlus\implus.cfg, which allows local users to obtain sensitive informatio…	NVD-CWE-Other	CVE-2006-4615	2018-10-18 06:38	2006-09-7	Show	GitHub Exploit DB Packet Storm