Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227561	5	警告	walter beschmout	-	Walter Beschmout PhpQuiz の back/upload_img.php などにおける任意の PHP コードをアップロードされる脆弱性	-	CVE-2006-4977	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

227562	2.6	注意	Yahoo!	-	WAP 用の Yahoo! Messenger における任意の Web スクリプトまたは HTML を挿入される脆弱性	-	CVE-2006-4975	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

227563	7.5	危険	wahm e-commerce	-	WAHM E-Commerce Pie Cart Pro の enc/content.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4970	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

227564	7.5	危険	wahm e-commerce	-	WAHM E-Commerce Pie Cart Pro における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4969	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

227565	7.5	危険	postnuke software foundation	-	PNphpBB の includes/functions_admin.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4968	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

227566	5	警告	サン・マイクロシステムズ	-	SSGD におけるホスト名などを含む重要な情報を取得される脆弱性	-	CVE-2006-4959	2012-12-20 18:02	2006-09-23	Show	GitHub Exploit DB Packet Storm

227567	6.8	警告	サン・マイクロシステムズ	-	SSGD におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4958	2012-12-20 18:02	2006-09-23	Show	GitHub Exploit DB Packet Storm

227568	7.5	危険	the myreview system	-	MyReview の functions.php における SQL インジェクションの脆弱性	-	CVE-2006-4957	2012-12-20 18:02	2006-09-23	Show	GitHub Exploit DB Packet Storm

227569	7.5	危険	prosysinfo	-	ProSysInfo TFTP Server TFTPDWIN の tftpd.exe におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-4948	2012-12-20 18:02	2006-09-22	Show	GitHub Exploit DB Packet Storm

227570	4.6	警告	シマンテック	-	Symantec AntiVirus などの製品で使用される NAVENG などのデバイスドライバにおける権限を取得される脆弱性	-	CVE-2006-4927	2012-12-20 18:02	2006-10-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211771	5.9	MEDIUM Network	php	php	main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory c…	CWE-119 CWE-362 Incorrect Access of Indexable Resource ('Range Error') Race Condition	CVE-2015-8878	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211772	7.5	HIGH Network	libgd php	libgd php	The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows …	CWE-399 Resource Management Errors	CVE-2015-8877	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211773	9.8	CRITICAL Network	php	php	Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL…	NVD-CWE-Other	CVE-2015-8876	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211774	7.5	HIGH Network	php canonical	php ubuntu_linux	The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, w…	CWE-310 Cryptographic Issues	CVE-2015-8867	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211775	9.6	CRITICAL Network	php canonical suse opensuse	php ubuntu_linux linux_enterprise_software_development_kit linux_enterprise_module_for_web_scripting leap opensuse	ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote att…	CWE-611 XXE	CVE-2015-8866	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211776	6.1	MEDIUM Network	wordpress	wordpress	Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored…	CWE-79 Cross-site Scripting	CVE-2015-8834	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211777	7.3	HIGH Local	php apple	php mac_os_x	The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, whi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-8865	2024-11-21 11:39	2016-05-20	Show	GitHub Exploit DB Packet Storm

211778	7.5	HIGH Network	opensuse php	leap php	Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-8874	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm

211779	7.5	HIGH Network	php opensuse	php leap	Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) …	CWE-20 Improper Input Validation	CVE-2015-8873	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm

211780	5.9	MEDIUM Network	php	php	ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof serve…	CWE-284 Improper Access Control	CVE-2015-8838	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm