NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
343301	7.5	HIGH	mozilla	firefox seamonkey thunderbird	The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage co…	NVD-CWE-Other	CVE-2006-3805	2018-10-18 06:30	2006-07-28	Show	GitHub Exploit DB Packet Storm

343302	7.5	HIGH	mozilla	firefox seamonkey thunderbird	Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code vi…	CWE-189 Numeric Errors	CVE-2006-3806	2018-10-18 06:30	2006-07-28	Show	GitHub Exploit DB Packet Storm

343303	7.5	HIGH	mozilla	firefox seamonkey thunderbird	Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to r…	NVD-CWE-Other	CVE-2006-3807	2018-10-18 06:30	2006-07-28	Show	GitHub Exploit DB Packet Storm

343304	10.0	HIGH	oracle	enterprise_manager	Multiple unspecified vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors, aka Oracle Vuln# EM03 and EM04.	NVD-CWE-Other	CVE-2006-3721	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343305	10.0	HIGH	oracle	peoplesoft_enterprise	Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8.4 Bundle #16, 8.8 Bundle #10, and 8.9 Bundle #3 has unknown impact and attack vectors, aka Oracle V…	NVD-CWE-Other	CVE-2006-3722	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343306	10.0	HIGH	oracle	peoplesoft_enterprise	Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8.8 with Enforcer Portal Pack Bundle #10 and 8.9 Bundle #3 has unknown impact and attack vectors, aka…	NVD-CWE-Other	CVE-2006-3723	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343307	10.0	HIGH	oracle	enterpriseone	Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact and attack vectors, aka Oracle Vuln# JDE01.	NVD-CWE-Other	CVE-2006-3724	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343308	2.1	LOW	symantec	norton_personal_firewall	Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlS…	NVD-CWE-Other	CVE-2006-3725	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343309	2.6	LOW	mozilla	firefox	Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third …	NVD-CWE-Other	CVE-2006-3731	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343310	7.5	HIGH	cisco	security_monitoring_analysis_and_response_system	jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2006-3733	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343311	4.3	MEDIUM	swsoft	plesk_control_panel	Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML v…	NVD-CWE-Other	CVE-2006-3737	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343312	7.2	HIGH	x.org xfree86_project	x.org xfree86_x	Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character…	NVD-CWE-Other	CVE-2006-3739	2018-10-18 06:29	2006-09-13	Show	GitHub Exploit DB Packet Storm

343313	7.2	HIGH	x.org xfree86_project	x.org xfree86_x	Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts…	NVD-CWE-Other	CVE-2006-3740	2018-10-18 06:29	2006-09-13	Show	GitHub Exploit DB Packet Storm

343314	7.2	HIGH	linux	linux_kernel	Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (pani…	NVD-CWE-noinfo	CVE-2006-3745	2018-10-18 06:29	2006-08-24	Show	GitHub Exploit DB Packet Storm

343315	7.5	HIGH	professional_home_page_tools	professional_home_page_tools_guestbook	Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip…	NVD-CWE-Other	CVE-2006-3752	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343316	6.4	MEDIUM	professional_home_page_tools	professional_home_page_tools_guestbook	setcookie.php for the administration login in Professional Home Page Tools Guestbook records the hash of the administrator password in a cookie, which allows attackers to conduct brute force password…	NVD-CWE-Other	CVE-2006-3753	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343317	5.0	MEDIUM	zen_cart	zen_cart	index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which revea…	NVD-CWE-Other	CVE-2006-3757	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343318	4.3	MEDIUM	mybulletinboard	mybulletinboard	Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript …	CWE-79 Cross-site Scripting	CVE-2006-3761	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343319	4.3	MEDIUM	mybulletinboard	mybulletinboard	This vulnerability is addressed in the following product release: MyBulletinBoard, MyBulletinBoard, 1.1.5	CWE-79 Cross-site Scripting	CVE-2006-3761	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343320	7.5	HIGH	touch_control	activex_control	The Touch Control ActiveX control 2.0.0.55 allows remote attackers to read and possibly execute arbitrary files via a "file///" URI in the sPath parameter to the Execute function.	NVD-CWE-Other	CVE-2006-3762	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343321	7.5	HIGH	dieselscripts	diesel_joke_site	SQL injection vulnerability in category.php in Diesel Joke Site allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2006-3763	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343322	5.0	MEDIUM	till_gerken	phppolls	Till Gerken phpPolls 1.0.3 allows remote attackers to create a new poll via a direct request to phpPollAdmin.php3 with the poll_action parameter set to create.	NVD-CWE-Other	CVE-2006-3764	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343323	4.3	MEDIUM	huttenlocher_webdesign	hwdeguest	Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as dem…	NVD-CWE-Other	CVE-2006-3765	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343324	5.0	MEDIUM	darrens_5-dollar_script_archive	osdate	Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10.	NVD-CWE-Other	CVE-2006-3766	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343325	6.8	MEDIUM	darrens_5-dollar_script_archive	osdate	Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attri…	NVD-CWE-Other	CVE-2006-3767	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

343326	4.9	MEDIUM	linux canonical debian	linux_kernel ubuntu_linux debian_linux	Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot …	NVD-CWE-Other	CVE-2006-4093	2018-10-18 02:00	2006-08-22	Show	GitHub Exploit DB Packet Storm

343327	4.9	MEDIUM	linux canonical debian	linux_kernel ubuntu_linux debian_linux	Upgrade to Linux Kernel version 2.4.33.1	NVD-CWE-Other	CVE-2006-4093	2018-10-18 02:00	2006-08-22	Show	GitHub Exploit DB Packet Storm

343328	4.3	MEDIUM	novell	groupwise_webaccess	Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or …	NVD-CWE-Other	CVE-2006-3818	2018-10-18 01:58	2006-08-11	Show	GitHub Exploit DB Packet Storm

343329	4.3	MEDIUM	novell	groupwise_webaccess	This has been fixed in any build of GroupWise 7 WebAccess dated after July 27, 2006. This has been fixed in any build of GroupWise 6.5 WebAccess dated after July 21, 2006.	NVD-CWE-Other	CVE-2006-3818	2018-10-18 01:58	2006-08-11	Show	GitHub Exploit DB Packet Storm

343330	6.8	MEDIUM	jbmc_software	directadmin	Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML …	NVD-CWE-Other	CVE-2007-1926	2018-10-17 01:41	2007-04-11	Show	GitHub Exploit DB Packet Storm

343331	4.3	MEDIUM	jbmc_software	directadmin	Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-598…	NVD-CWE-Other	CVE-2007-1508	2018-10-17 01:38	2007-03-20	Show	GitHub Exploit DB Packet Storm

343332	5.6	MEDIUM Local	freebsd redhat sco sun ubuntu	freebsd enterprise_linux enterprise_linux_desktop fedora_core openserver unixware solaris ubuntu_linux	Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, …	NVD-CWE-Other	CVE-2005-0109	2018-10-16 21:06	2005-03-5	Show	GitHub Exploit DB Packet Storm

343333	9.3	HIGH	info-zip	unzip	The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-0888	2018-10-16 07:03	2008-03-18	Show	GitHub Exploit DB Packet Storm

343334	10.0	HIGH	microsoft	data_access_components index_server internet_information_server site_server	The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.	CWE-264 Permissions, Privileges, and Access Controls	CVE-1999-1011	2018-10-16 03:29	1999-07-19	Show	GitHub Exploit DB Packet Storm

343335	9.3	HIGH	microsoft	visual_basic_for_applications visual_basic_sdk office	VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX c…	CWE-94 Code Injection	CVE-2010-0815	2018-10-13 06:57	2010-05-12	Show	GitHub Exploit DB Packet Storm

343336	4.3	MEDIUM	microsoft	sharepoint_server sharepoint_services	Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote a…	CWE-79 Cross-site Scripting	CVE-2010-0817	2018-10-13 06:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

343337	9.3	HIGH	microsoft	excel office open_xml_file_format_converter office_compatibility_pack office_excel_viewer	Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and…	CWE-94 Code Injection	CVE-2010-0821	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343338	9.3	HIGH	microsoft	excel office open_xml_file_format_converter	Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code …	CWE-94 Code Injection	CVE-2010-0822	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343339	9.3	HIGH	microsoft	excel office open_xml_file_format_converter office_compatibility_pack office_excel_viewer	Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and…	CWE-94 Code Injection	CVE-2010-0823	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343340	9.3	HIGH	microsoft	excel office	Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Exc…	CWE-94 Code Injection	CVE-2010-0824	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343341	9.3	HIGH	microsoft	excel office open_xml_file_format_converter	Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code vi…	CWE-94 Code Injection	CVE-2010-1245	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343342	9.3	HIGH	microsoft	excel	Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruptio…	CWE-94 Code Injection	CVE-2010-1246	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343343	9.3	HIGH	microsoft	excel	Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka…	CWE-94 Code Injection	CVE-2010-1247	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343344	9.3	HIGH	microsoft	excel office	Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HF…	CWE-94 Code Injection	CVE-2010-1248	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343345	9.3	HIGH	microsoft	excel office open_xml_file_format_converter	Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel…	CWE-94 Code Injection	CVE-2010-1249	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343346	9.3	HIGH	microsoft	excel office open_xml_file_format_converter	Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code v…	CWE-94 Code Injection	CVE-2010-1250	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343347	9.3	HIGH	microsoft	excel office	Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vul…	CWE-94 Code Injection	CVE-2010-1251	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343348	9.3	HIGH	microsoft	excel office	Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerabili…	CWE-94 Code Injection	CVE-2010-1252	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343349	9.3	HIGH	microsoft	excel office open_xml_file_format_converter office_compatibility_pack	Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 200…	CWE-94 Code Injection	CVE-2010-1253	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm

343350	6.9	MEDIUM	microsoft	open_xml_file_format_converter	The installation for Microsoft Open XML File Format Converter for Mac sets insecure ACLs for the /Applications folder, which allows local users to execute arbitrary code by replacing the executable w…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-1254	2018-10-13 06:57	2010-06-9	Show	GitHub Exploit DB Packet Storm